Amazon IAM (Identity and Access Management) enables you to manage users and user permissions in AWS. You can create one or more IAM users in your AWS account. You might create an IAM user for someone who needs access to your AWS console, or when you have a new application that needs to make API calls to AWS. This is to add an extra layer of security to your AWS account.
In this chapter, we are going to create a new IAM user for a couple of the AWS related tools we are going to be using later.
First, log in to your AWS Console and select IAM from the list of services.
Select Add User.
Enter a User name and check Programmatic access, then select Next: Permissions.
Select Attach existing policies directly.
Search for AdministratorAccess and select the policy, then select Next: Review.
We can provide a more fine-grained policy here and we cover this later in the Customize the Serverless IAM Policy chapter. But for now, let’s continue with this.
Select Create user.
Select Show to reveal Secret access key.
Take a note of the Access key ID and Secret access key. We will be needing this later.
The concept of IAM pops up very frequently when working with AWS services. So it is worth taking a better look at what IAM is and how it can help us secure our serverless setup.