1.First login to your system and open cmd on local machine or open your cloud shell on console .
2.If you want to check user permission on aws cli , use following command.
Command – # aws iam list-attached-user-policies –user-name <user-name>
3.Here allready attached some policies, but we want to attached new policies on new users, use following commands for that.(we provide ec2readonly)
Command – # aws iam attach-user-policy –user-name <user-name> –policy-arn arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess
4.Whenever you need to attach a permission, first check the name of the permission you want to attach. If you are creating a new custom policy, name it according to the service, so it is easier to remember.
END