- Newest
- Most votes
- Most comments
Hello.
IAM users do not use their email address when signing in.
You will need your AWS account ID, IAM username, and password.
Therefore, after creating a user, you need to tell the member who will be signing in the AWS account ID, user name, and initial password.
The IAM policy required by the developer will depend on what kind of work you want the developer to do, but if you want the developer to perform all operations, I think you should set the "AdministratorAccess" policy.
https://docs.aws.amazon.com/aws-managed-policy/latest/reference/AdministratorAccess.html
If you do not create IAM users etc., I think it is a good idea to set the "PowerUserAccess" policy.
https://docs.aws.amazon.com/aws-managed-policy/latest/reference/PowerUserAccess.html
It is also possible to set the "AdministratorAccess" policy at the beginning, and once the user has performed a certain amount of operations, use IAM Access Analyzer to generate the necessary IAM policy from the operation history.
https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html#what-is-access-analyzer-policy-generation
Relevant content
- AWS OFFICIALUpdated 9 months ago
- AWS OFFICIALUpdated 8 months ago
- AWS OFFICIALUpdated 7 months ago
- AWS OFFICIALUpdated a year ago