{
	"id": "fbddd913-0bdd-4c52-90d4-c9e215301ca6",
	"created_at": "2026-04-06T00:19:57.233887Z",
	"updated_at": "2026-04-10T03:22:04.585879Z",
	"deleted_at": null,
	"sha1_hash": "3123820268a40d6461ce74fe36bdc72e0a826a83",
	"title": "Create an IAM user in your AWS account",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 59854,
	"plain_text": "Create an IAM user in your AWS account\r\nArchived: 2026-04-05 23:18:16 UTC\r\n1.\r\n2.\r\n3.\r\n4. User Guide\r\nFocus mode\r\nImportant\r\nIAM best practices recommend that you require human users to use federation with an identity provider to access\r\nAWS using temporary credentials instead of using IAM users with long-term credentials. We recommend that you\r\nonly use IAM users for specific use cases not supported by federated users.\r\nThe process of creating an IAM user and enabling that user to perform tasks consists of the following steps:\r\n1. Create the user in the AWS Management Console, the AWS CLI, Tools for Windows PowerShell, or using\r\nan AWS API operation. If you create the user in the AWS Management Console, then steps 1–4 are handled\r\nautomatically, based on your choices. If you create the IAM users programmatically, then you must\r\nperform each of those steps individually.\r\n2. Create credentials for the user, depending on the type of access the user requires:\r\nEnable console access – optional: If the user needs to access the AWS Management Console,\r\ncreate a password for the user. Disabling console access for a user prevents them from signing in to\r\nthe AWS Management Console using their user name and password. It does not change their\r\npermissions or prevent them from accessing the console using an assumed role.\r\nTip\r\nCreate only the credentials that the user needs. For example, for a user who requires access only through\r\nthe AWS Management Console, do not create access keys.\r\n3. Give the user permissions to perform the required tasks. We recommend that you put your IAM users in\r\ngroups and manage permissions through policies that are attached to those groups. However, you can also\r\ngrant permissions by attaching permissions policies directly to the user. If you use the console to add the\r\nuser, you can copy the permissions from an existing user to the new user.\r\nYou can also add a permissions boundary to limit the user’s permissions by specifying a policy that defines\r\nthe maximum permissions that the user can have. Permissions boundaries don't grant any permissions.\r\nhttps://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html\r\nPage 1 of 4\n\nFor instructions on creating a custom permission policy to use to either grant permissions or set a\r\npermissions boundary, see Define custom IAM permissions with customer managed policies.\r\n4. (Optional) Add metadata to the user by attaching tags. For more information about using tags in IAM, see\r\nTags for AWS Identity and Access Management resources.\r\n5. Provide the user with the necessary sign-in information. This includes the password and the console URL\r\nfor the account sign-in page where the user provides those credentials. For more information, see How\r\nIAM users sign in to AWS.\r\n6. (Optional) Configure multi-factor authentication (MFA) for the user. MFA requires the user to provide a\r\none-time-use code each time he or she signs into the AWS Management Console.\r\n7. (Optional) Give IAM users permissions to manage their own security credentials. (By default, IAM users\r\ndo not have permissions to manage their own credentials.) For more information, see Permit IAM users to\r\nchange their own passwords.\r\nNote\r\nIf you use the console to create the user and you select User must create a new password at next sign-in\r\n(recommended), the user has the required permissions.\r\nFor information about the permissions that you need in order to create a user, see Permissions required to access\r\nIAM resources.\r\nFor instructions on creating IAM users for specific use cases, see the following topics:\r\nCreate an IAM user for emergency access\r\nCreate an IAM user for workloads that can't use IAM roles\r\nMFA enabled sign-in\r\nView IAM users\r\nView related pages\r\n \r\nAbstracts generated by AI\r\nLocation › developerguide\r\nSet up your account\r\nSetting up AWS account, creating administrative user, enabling multi-factor authentication, assigning access\r\npermissions, creating permission set, granting unauthenticated access, enabling identity federation.\r\nApril 4, 2026\r\nhttps://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html\r\nPage 2 of 4\n\nLocation › developerguide\r\nPrerequisites for using Amazon Location Service\r\nSecure AWS account, create administrative user, assign permissions, grant access to Amazon Location Service,\r\nenable unauthenticated access using Amazon Cognito.\r\nApril 4, 2026\r\nBatch › userguide\r\nCreate IAM account and administrative user\r\nCreating AWS account, securing root user, enabling multi-factor authentication, granting administrative access via\r\nIAM Identity Center, creating permission set.\r\nApril 4, 2026\r\nDiscover highly rated pages\r\n \r\nAbstracts generated by AI\r\nIAM › UserGuide\r\nWhat is IAM?\r\nIAM controls access, manages permissions, sets up identities, authenticates, authorizes operations on AWS\r\nresources, replicates data across data centers.\r\nApril 5, 2026\r\nIAM › UserGuide\r\nSecurity best practices in IAM\r\nApply least-privilege permissions, use IAM roles, MFA, Access Analyzer, guardrails, boundaries.\r\nApril 5, 2026\r\nIAM › UserGuide\r\nIAM Identities\r\nIAM identities—users, groups, roles—link policies defining authorized AWS actions, resources, conditions.\r\nApril 5, 2026\r\nRelated resources\r\nhttps://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html\r\nPage 3 of 4\n\nRecommended tasks\r\nDid this page help you?\r\nSource: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html\r\nhttps://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"references": [
		"https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html"
	],
	"report_names": [
		"id_users_create.html"
	],
	"threat_actors": [],
	"ts_created_at": 1775434797,
	"ts_updated_at": 1775791324,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/3123820268a40d6461ce74fe36bdc72e0a826a83.pdf",
		"text": "https://archive.orkl.eu/3123820268a40d6461ce74fe36bdc72e0a826a83.txt",
		"img": "https://archive.orkl.eu/3123820268a40d6461ce74fe36bdc72e0a826a83.jpg"
	}
}