From AWS console click IAM under Security,Identity and Compliance
Click Users-Add user
Select access type:whether user will have access to AWS console or through development tools (ssh for example)
We can add user to group,copy permissions from existing user or assign permissions to user directly
We can choose one of available permissions set and see details clicking on selected “triangle”
We can also see details clicking JSON tab
On the same way we can also create groups
Remember, we can set permission for user and for group
And we can add user to group,delete group and remove user from group
Password policy
From IAM menu click Account Settings,
from here we can set password rules
Roles
With roles setting we set how one AWS service interacts with other AWS service
For example,if we want Amazon Redshift (data warehouse) role to interact with
Cognito (add user sign-up and sign-in and manage permissions…
View original post 26 more words