

AWS ReadOnly User

This page describes how to add a ReadOnly AWS user. By providing the credentials of this user to the coordimap agent, you can be sure that no unintended changes will happen to your cloud environment.

The AWS IAM (Identity and Access Management) service allows you to manage access to AWS services and resources securely by attaching different policies to users.

Go to the AWS Console and type IAM in the search box.

IAM Search in AWS Console

In the sidebar of the IAM dashboard, select the Users menu and then click the Add User button.

When creating the new user, enter a user name and enable the Programmatic Access checkbox. This is needed to access the AWS infrastructure programmatically from the coordimap agent. We recommend deselecting the AWS Management Console access checkbox, since that option allows the user to log in to the AWS Console. Click the Next: Permissions button.

Set User Details

Select the Attach existing policies directly button, then type ReadOnlyAccess to filter the policies.

Scroll down to the policy “ReadOnlyAccess” and enable the checkbox beside it. Click the Next: Tags button.

Set ReadOnly Permission Policy

Skip the Tags page and click the Next: Review button.

Review the user details of the read-only account and click the Create User button.

Review IAM User

Finally, we have our credentials. Click the Download .csv button and store the password in a safe place. You can’t recover the Secret Access Key or Password, and you will need to reset the account if you lose them.

Share the credentials and the URL shown next to “Users with AWS Management Console access can sign-in at”.

IAM Download Credentials CSV
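To confirm afterwards that the user is limited to what the steps above set up, the following added example (not part of the coordimap documentation) audits IAM output for the user: only ReadOnlyAccess attached, no inline policies, no group memberships, and no console login. The user name and sample data are constructed, and the inputs are assumed to be the parsed JSON output of the AWS CLI commands named in the docstring.

```python
# AWS-managed policy that the steps on this page attach to the user.
READONLY_ARN = "arn:aws:iam::aws:policy/ReadOnlyAccess"

def audit_readonly_user(attached, inline, groups, login_profile):
    """Return a list of findings; an empty list means the user matches this page.

    Each argument is parsed JSON, assumed to be collected beforehand from:
      attached      -> aws iam list-attached-user-policies --user-name NAME
      inline        -> aws iam list-user-policies --user-name NAME
      groups        -> aws iam list-groups-for-user --user-name NAME
      login_profile -> aws iam get-login-profile --user-name NAME, or None when
                       that call fails with NoSuchEntity (no console password)
    """
    findings = []
    arns = {p["PolicyArn"] for p in attached.get("AttachedPolicies", [])}
    if READONLY_ARN not in arns:
        findings.append("ReadOnlyAccess is not attached")
    for arn in sorted(arns - {READONLY_ARN}):
        findings.append(f"extra managed policy attached: {arn}")
    for name in inline.get("PolicyNames", []):
        findings.append(f"inline policy present: {name}")
    for group in groups.get("Groups", []):
        # Group policies apply to the user too, so any membership widens access.
        findings.append(f"member of group: {group['GroupName']}")
    if login_profile is not None:
        findings.append("console login profile exists")
    return findings

# Constructed sample data (hypothetical user "coordimap-readonly", not real output).
GOOD = dict(
    attached={"AttachedPolicies": [
        {"PolicyName": "ReadOnlyAccess", "PolicyArn": READONLY_ARN}]},
    inline={"PolicyNames": []},
    groups={"Groups": []},
    login_profile=None,
)
DRIFTED = dict(
    attached={"AttachedPolicies": [
        {"PolicyName": "ReadOnlyAccess", "PolicyArn": READONLY_ARN},
        {"PolicyName": "AmazonS3FullAccess",
         "PolicyArn": "arn:aws:iam::aws:policy/AmazonS3FullAccess"}]},
    inline={"PolicyNames": ["tmp-debug"]},
    groups={"Groups": [{"GroupName": "admins"}]},
    login_profile={"LoginProfile": {"UserName": "coordimap-readonly"}},
)

if __name__ == "__main__":
    for label, sample in (("good", GOOD), ("drifted", DRIFTED)):
        print(label, audit_readonly_user(**sample) or "OK")
```

Running the same check on a schedule catches later drift, such as a policy attached or a console password set after the user was created.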
