Adding and removing users in an IAM user group - AWS Identity and Access Management

Adding and removing users in an IAM user group

Use user groups to apply the same permissions policies across multiple users at once. You can then add users to or remove users from an IAM user group. This is useful as people enter and leave your organization.

View policy access

Before you change the permissions for a policy, you should review its recent service-level activity. This is important because you don't want to remove access from a principal (person or application) who is using it. For more information about viewing last accessed information, see Refining permissions in AWS using last accessed information.

Add or remove a user in a user group (console)

You can use the AWS Management Console to add or remove a user from a user group.

To add a user to an IAM user group (console)

  1. Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/.

  2. In the navigation pane, choose User groups and then choose the name of the group.

  3. Choose the Users tab and then choose Add users. Select the check box next to the users you want to add.

  4. Choose Add users.

To remove a user from an IAM group (console)

  1. Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/.

  2. In the navigation pane, choose User groups and then choose the name of the group.

  3. Choose the Users tab. Select the check box next to the users you want to remove and then choose Remove users.

Add or remove a user in a user group (AWS CLI)

You can use the AWS CLI to add or remove a user from a user group.

To add a user to an IAM user group (AWS CLI)

To remove a user from an IAM user group (AWS CLI)

Add or remove a user in a user group (AWS API)

You can use the AWS API to add or remove a user in a user group.

To add a user to an IAM group (AWS API)

To remove a user from an IAM user group (AWS API)