AWS Account & IAM Setup

Create an IAM user with programmatic access for deployments

💵 Good News: IAM is completely FREE. You can create unlimited users, roles, and policies at no cost. See our Costs & Cleanup Guide for other service costs.

What is IAM?

IAM (Identity and Access Management) is AWS's security service that controls who can access what in your AWS account. Instead of using your root account (which has unlimited access), you create IAM users with specific permissions.

Security Best Practice

Never use your root account for daily work. Always create IAM users with only the permissions they need. For learning, we use AdministratorAccess, but in production, use minimal permissions.

Creating an IAM User

Follow these steps in the AWS Management Console:

1

Search for IAM

In the AWS Management Console, use the search bar at the top to find "IAM" and select it.

2

Navigate to Users

Click "Users" in the left sidebar, then click the "Create user" button.

3

Enter User Details

Name the user "dev-user-fargate". IMPORTANT: Uncheck "Provide user access to the AWS Management Console" - we only need programmatic access.

4

Set Permissions

On the permissions page, select "Attach policies directly" and check "AdministratorAccess". Click "Next" and then "Create user".

5

Generate Security Keys

Click on the user you just created. Go to the "Security credentials" tab and click "Create access key".

6

Select CLI Access

Choose "Command Line Interface (CLI)" as the use case. Check the confirmation box and click "Next".

7

Save Your Keys

CRITICAL: Copy both the Access Key ID and Secret Access Key. Download the .csv file immediately - you wont see the secret key again!

Protect Your Keys!

  • Never commit access keys to Git
  • Never share keys in chat, email, or tickets
  • Rotate keys regularly (every 90 days)
  • Delete keys you no longer use

Understanding Key Types

Key TypePurposeWhere Its Used
Access Key IDIdentifies who you areLike a username
Secret Access KeyProves its really youLike a password

IAM Policy Options

Choose the right permission level for your use case:

For learning and development, use AdministratorAccess to avoid permission errors:

JSON
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "*",
      "Resource": "*"
    }
  ]
}

Learning Only

This grants full access to everything. Never use in production or shared accounts.

Whats Next?

Now that you have your access keys, youll use them in the next step to configure the AWS CLI on your computer.

Previous
Quick Deploy Guide
Next
AWS Console Setup

AWS Deployment Guide — Built with Next.js