Create Admin User

Creating an IAM Admin User

ℹ️ Overview In this section, you will create an IAM User with administrative access by adding them to your previously created Admin Group. This follows AWS security best practices for identity management.

🔒 Security Note Creating individual IAM Users with appropriate permissions is crucial for maintaining security and accountability in your AWS environment.

Implementation Steps

  1. In the navigation pane, select Users then click Create user

AWS IAM

  1. On the Set user details page:
    • Enter a meaningful username (Example: AdminUser)
    • Select Provide AWS Management Console access
    • Choose I want to create an IAM user

💡 Pro Tip While IAM Users are still supported, AWS recommends using IAM Identity Center (successor to AWS SSO) for enterprise environments. Consider enabling IAM Identity Center for enhanced security and centralized access management.

AWS IAM

  1. Configure the console password:
    • Choose either Autogenerated password or Custom password
    • Keep User must create a new password at next sign-in selected (recommended)
    • Click Next

⚠️ Warning Ensure you securely store and communicate the initial password to the user. Never share credentials through unsecured channels.

AWS IAM

  1. Set permissions by selecting Add user to group:
    • Choose the Admin Group created in the previous section
    • This will grant the user administrative permissions through the group
    • Click Next

AWS IAM

  1. Review the user configuration:
    • (Optional) Add tags to help organize and track your IAM users
    • Verify all settings are correct
    • Click Create user

AWS IAM

  1. Secure the user credentials:
    • Click Show to view the password or
    • Download the .csv file containing the credentials
    • Store these credentials securely

⚠️ Warning This is your only chance to view or download the initial password. Make sure to save it securely before proceeding.

AWS IAM

  1. Verify successful user creation

AWS IAM

  1. Confirm the user is in the correct group

AWS IAM

  1. Copy the IAM user sign-in URL
    • This URL will be used to access the AWS Management Console
    • Share it securely with the new admin user

AWS IAM

💡 Pro Tip Consider setting up Multi-Factor Authentication (MFA) for additional security on this administrative account.