Create IAM users and groups
This topic describes how to use AWS Command Line Interface (AWS CLI) commands to create an AWS Identity and Access Management (IAM) group and a new user, and then add the user to the group. For more information on the IAM service, see the AWS Identity and Access Management User Guide.
Before you run any commands, set your default credentials. For more information, see Configure the AWS CLI.
To create a group and add a new user to it
-
Use the
create-group
command to create the group. $
aws iam create-group --group-name
MyIamGroup
{ "Group": { "GroupName": "MyIamGroup", "CreateDate": "2018-12-14T03:03:52.834Z", "GroupId": "AGPAJNUJ2W4IJVEXAMPLE", "Arn": "arn:aws:iam::123456789012:group/
MyIamGroup
", "Path": "/" } } -
Use the
create-user
command to create the user. $
aws iam create-user --user-name
MyUser
{ "User": { "UserName": "
MyUser
", "Path": "/", "CreateDate": "2018-12-14T03:13:02.581Z", "UserId": "AIDAJY2PE5XUZ4EXAMPLE", "Arn": "arn:aws:iam::123456789012:user/MyUser
" } } -
Use the
add-user-to-group
command to add the user to the group. $
aws iam add-user-to-group --user-name
MyUser
--group-nameMyIamGroup
-
To verify that the
MyIamGroup
group contains theMyUser
, use theget-group
command. $
aws iam get-group --group-name
MyIamGroup
{ "Group": { "GroupName": "
MyIamGroup
", "CreateDate": "2018-12-14T03:03:52Z", "GroupId": "AGPAJNUJ2W4IJVEXAMPLE", "Arn": "arn:aws:iam::123456789012:group/MyIamGroup
", "Path": "/" }, "Users": [ { "UserName": "MyUser
", "Path": "/", "CreateDate": "2018-12-14T03:13:02Z", "UserId": "AIDAJY2PE5XUZ4EXAMPLE", "Arn": "arn:aws:iam::123456789012:user/MyUser
" } ], "IsTruncated": "false" }