AWS policy creation

Importance –

We create AWS IAM policies to define permissions for users, groups, and roles. They control who can access which AWS resources and what actions they can perform. Policies help ensure security by following the principle of least privilege. They are written in JSON and attached to IAM identities or resources.

Here are the main ways to create IAM policies in AWS:

  1. AWS Managed Policies – Predefined by AWS, ready to use for common tasks.
  2. Customer Managed Policies – Custom policies you create to suit specific needs.
  3. Inline Policies – Policies directly attached to a single user, group, or role.
  4. Policy Generator or Visual Editor – Tools in AWS Console to help create policies easily.

We will proceed with the Policy Generator and Visual Editor to create IAM policies.

1. Log in to your AWS account using the correct credentials.

2. If you log in with a new IAM user, you will notice that you cannot access any services in the AWS Management Console by default.

3. Otherwise, create a new user, log in to the console as that user, and try to access any service (here we log in as the new IAM user testuser).

4. Try to access any service, such as EC2, and you will see that you are not able to access it.

5. We will create a policy for AWS EC2 access using the AWS Policy Generator, and use the Visual Editor for S3 bucket access.

Open Google and search for this URL – https://awspolicygen.s3.amazonaws.com/policygen.html

6. Select options according to your needs: the type of policy, Effect, AWS service, Actions (such as DescribeInstances, DescribeVolumes, DescribeSnapshots, DescribeSecurityGroups), and the resource ARN. Here we use * for all resources in EC2. Then click on Add Statement, click on Generate Policy, copy the JSON, and use it in IAM when creating a policy.

7. Attach this permission to the selected user.

8. Select the “Create inline policy” option and click on it.

9. Select the JSON editor.

10. After the policy editor opens, paste the policy there and click on Next.

11. Provide policy details such as the policy name and click on Create policy.

12. The policy has been automatically attached to the user, and you have successfully generated and applied this policy to the user.

13. Now, try to access the service. You should be able to access it successfully.

14. We tried to access the S3 bucket, but encountered an error because the required permissions were not attached.

15. Generate the policy by navigating to the “User” section, selecting permissions, choosing “Inline Policy,” and using the “Visual Editor” to define the policy.

16. Select the S3 tables for the operation, then choose the effect, followed by permissions (list), resources, and finally create the policy.

17. Provide the policy details, such as the policy name, and then click “Next” to proceed.

18. The policy has been successfully created. You should be able to see it now.

19. Now, check with the IAM user to verify if they are able to access the S3 bucket service.
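Why step 13 succeeds and step 14 fails, shown as an added example that is not part of the original tutorial: the JSON below is a policy constructed to match the step 6 choices (the Sid is a placeholder), and is_allowed is a hypothetical, simplified evaluator, not AWS's full policy evaluation logic.

```python
import fnmatch
import json

# Policy equivalent to the step 6 choices (constructed for this example;
# the Sid is a placeholder, not a value from the page).
EC2_DESCRIBE_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ExampleEc2Describe",
      "Effect": "Allow",
      "Action": [
        "ec2:DescribeInstances",
        "ec2:DescribeVolumes",
        "ec2:DescribeSnapshots",
        "ec2:DescribeSecurityGroups"
      ],
      "Resource": "*"
    }
  ]
}
""")


def _as_list(value):
    return value if isinstance(value, list) else [value]


def is_allowed(policies, action, resource):
    """Explicit Deny wins, then any Allow; no matching statement means deny.

    Simplification: only Action/Resource with '*' and '?' wildcards are
    handled (no Condition, NotAction, NotResource, boundaries or SCPs).
    """
    allowed = False
    for policy in policies:
        for stmt in _as_list(policy["Statement"]):
            # Action names are case-insensitive, resource ARNs are not.
            action_hit = any(fnmatch.fnmatchcase(action.lower(), a.lower())
                             for a in _as_list(stmt.get("Action", [])))
            resource_hit = any(fnmatch.fnmatchcase(resource, r)
                               for r in _as_list(stmt.get("Resource", [])))
            if action_hit and resource_hit:
                if stmt["Effect"] == "Deny":
                    return False
                allowed = True
    return allowed
```

With only this policy attached, the four Describe actions are allowed, while any S3 action and any other EC2 action such as ec2:RunInstances fall through to the implicit deny, which is the error seen in step 14 until the S3 inline policy is added.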

END
