Install and configure AWS CLI for an IAM user.
Step 1: Download the AWSCLI toll to manage services from console:
https://s3.amazonaws.com/aws-cli/AWSCLI64.msi
Install the downloaded file.
Note: If you have an existing IAM User with programmatic access and Full S3 Access permissions, go to Step 8.
Step 2: Go to IAM service dashboard. In the left side panel, click on Users under Access management.
Click on Add User.
Step 3: In Set User Details, Give the name as S3User. Check the box for Programmatic access. This provides the user access to development tools such as CLI.
Click on Next: Permissions in bottom right corner.
Step 4: Under Set Permissions, click on Attach existing policies directly.
In the Filter policy search box, search for S3 full access and select AmazonS3FullAccess from the drop down searched policies.
Click on Next: Tags in bottom right corner.
Step 5: Add a tag with Key: Name and Value: S3User. Click on Next: Review in bottom right corner.
Step 6: Click On Create User after reviewing the details.
Step 7: On this step, click on Download .csv button. A .csv file compatible with MsExcel will get downloaded on your local drive.
Save this file in a secure location for further use and correspondence.
Go to IAM dashboard and confirm that the user has been created.
Step 8: Find the Global drop down on your AWS console top bar and copy the alias of region name. The region name is usually the name of region that you are operating from. E.g. ap-south-1 in this case.
Store it in a text file.
Step 9: Open Command Prompt.
Type in the command: aws configure
Copy the Access key ID from .csv file and paste it here for AWS Access Key ID.
Similarly copy the Secret access key and paste it here for AWS Secret Access Key.
Give the Default region name that we stored in Step 8, ap-south-1 in this case.
Give Default output format as text.
Step 10: This step is to test whether the User can access S3 services through AWS CLI commands.
To create a bucket enter following command:
aws s3 mb s3://mybucket753159
Here mybucket753159 is a random name chosen for your bucket.
You may have to try this command again if your required bucket name is already being used by some other AWS user.
If you observe make_bucket: (name of your bucket) as output, your bucket has been successfully created for this particular s3 user using the access and policies you chose for the user.
Step 11: Go to S3 services from AWS console and click on Buckets to check that the bucket has been created.
Note: Delete the S3 bucket and the IAM user if you no longer need to use them.
No comments:
Post a Comment