Create IAM users and groups
This topic describes how to use AWS Command Line Interface (AWS CLI) commands to create an AWS Identity and Access Management (IAM) group and a new user, and then add the user to the group. For more information on the IAM service, see the AWS Identity and Access Management User Guide.
Before you run any commands, set your default credentials. For more information, see Configure the AWS CLI.
To create a group and add a new user to it
-
Use the
create-groupcommand to create the group. $aws iam create-group --group-nameMyIamGroup{ "Group": { "GroupName": "MyIamGroup", "CreateDate": "2018-12-14T03:03:52.834Z", "GroupId": "AGPAJNUJ2W4IJVEXAMPLE", "Arn": "arn:aws:iam::123456789012:group/MyIamGroup", "Path": "/" } } -
Use the
create-usercommand to create the user. $aws iam create-user --user-nameMyUser{ "User": { "UserName": "MyUser", "Path": "/", "CreateDate": "2018-12-14T03:13:02.581Z", "UserId": "AIDAJY2PE5XUZ4EXAMPLE", "Arn": "arn:aws:iam::123456789012:user/MyUser" } } -
Use the
add-user-to-groupcommand to add the user to the group. $aws iam add-user-to-group --user-nameMyUser--group-nameMyIamGroup -
To verify that the
MyIamGroupgroup contains theMyUser, use theget-groupcommand. $aws iam get-group --group-nameMyIamGroup{ "Group": { "GroupName": "MyIamGroup", "CreateDate": "2018-12-14T03:03:52Z", "GroupId": "AGPAJNUJ2W4IJVEXAMPLE", "Arn": "arn:aws:iam::123456789012:group/MyIamGroup", "Path": "/" }, "Users": [ { "UserName": "MyUser", "Path": "/", "CreateDate": "2018-12-14T03:13:02Z", "UserId": "AIDAJY2PE5XUZ4EXAMPLE", "Arn": "arn:aws:iam::123456789012:user/MyUser" } ], "IsTruncated": "false" }
