Business
Scenario
Pirates Cloud LLC
Your company is expecting a security audit. You will be responsible for providing an access to configuration logs stored on the S3. Auditor needs to get Read-Only access to the resources.
You will create an IAM User for an auditor. You will add this user to the S3-LogAudit group so that he inherits the necessary permissions via the attached AmazonS3ReadOnlyAccess policy.
Create a new IAM user.
- In the left navigation pane, click Users.
- Click Add user, and configure following:
- User name: your_username_audit (ex. awsninja1_audit)
- Select AWS credential type : select Password – AWS Management Console access
- Console password: leave Autogenerated password
- Require password reset: uncheck User must create a new password at next sign-in
- Leave the rest in default and click Next:Permissions.
- In Set permissions tab select Add user to group and then select S3-LogAudit group.
- Click Next:Tags, Next: Review and Create user.
- Write down the password and click Close.
