Scenario 2: Limited user access to the AWS Management Console within a single account

This scenario is excellent for users that require control of AWS resources, such as students in cloud computing or high performance computing (HPC) classes. With this scenario, users are given restricted access to the AWS services through their IAM credentials.

Example

Consider a class with 25 students. The administrator creates 25 IAM users using the AWS Management Console, AWS Command Line Interface, or APIs, and provides each student with their IAM credentials and a login URL for the AWS Management Console. The administrator also creates a permissions policy that can be attached to a user group or an individual user to allow or deny access to different services.

Each student (IAM user) has access to resources and services as defined by the access control policies set by the administrator. Students can log in to the AWS Management Console to access different AWS services as defined the policy. For example, they could launch Amazon EC2 instances and store objects in Amazon Simple Storage Service (Amazon S3) buckets.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Scenario 1: Individual server environments

Scenario 3: Separate AWS accounts for each user