Create/Reset IAM User in a minute
We all know command line is indeed much faster than the typical GUI. Lets say, if you wanted to reset any IAM user’s password using GUI, we would have to follow these steps:
- Get credentials of the AWS account
- Login to account
- Browse over to IAM Service
- Locate the particular user
- Regenerate the password
- Bored…. :(
What if, the password is reset in under 30 seconds (might be less), using command line ?
The below commands make use of AWS CLI, properly configured on your machine to use the particular profile.
Set the alias of the account
1 | alias aws=''`which aws`' --profile <PROFILE NAME> --region <REGION>' |
Example:
1 | alias aws=''`which aws`' --profile RandomAwsProfile --region ap-south-1' |
Get the list of IAM users
1 | aws iam list-users --output table |
Change the password of the particular user
1 | aws iam update-login-profile --user-name <USERNAME> --password <PASSWORD> --no-password-reset-required |
Just in case, if you wanted to create a new user, simply follow the below steps (Choose permission policy carefully):
1 | # Create the user |
Don’t forget to remove the alias set for the aws command, by this:
1 | unalias aws |
You can use the following popular policy ARNs below:
- arn:aws:iam::aws:policy/AdministratorAccess
- arn:aws:iam::aws:policy/AmazonEC2FullAccess
- arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess
- arn:aws:iam::aws:policy/AmazonRDSFullAccess
- arn:aws:iam::aws:policy/AmazonRDSReadOnlyAccess
- arn:aws:iam::aws:policy/AmazonS3FullAccess
- arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess
- arn:aws:iam::aws:policy/PowerUserAccess
- arn:aws:iam::aws:policy/ReadOnlyAccess
or,1
aws iam list-policies --output table
Let me know what you think.