This article goes over giving
ReadOnlyAccess to your AWS account. It allows us to read data in your AWS account but not make any changes to it.
Creating an AWS User
- Navigate to the user tab under IAM by going to https://console.aws.amazon.com/iam/home#/users and click
- Set a name for the user and enable both Programatic and Console Access. Then click to
Attach existing policy directlyand look for
ReadOnlyAccessPolicy. Select the policy before clicking
- Optionally, add a tag to the project for tracking purposes. Click
- Make sure that everything looks right and click
- Download the csv and send an email to the person you are granting access to with the IAM login link. Send the csv with the credentials along with the email or separately in a different channel of your choice.
Deleting an AWS User
- After the audit is done, its important to delete the credentials to limit further access (optionally, you can also choose to disable the keys and password but this guide will cover deleting the credential). To do so, go back to the IAM user page here. Select the user you wish to delete and click
Delete User. Click
Yeson the ensuing confirmation box.
And you’re done. Hope this article was informative and feel free to reach out or comment if you have any questions or feedback for this post.