How to Create an IAM User with AWS CDK

How to Create an IAM User with AWS CDK

Mikaeel Khalid's photo
Mikaeel Khalid
·

3 min read

The AWS Identity and Access Management (IAM) service allow you to manage users and their permissions within your AWS environment. In this article, we will show you how to create an IAM user using the AWS Cloud Development Kit (CDK).

The AWS CDK is an open-source software development framework for defining cloud infrastructure as code and provisioning it through AWS CloudFormation. With the AWS CDK, you can use familiar programming languages, such as TypeScript, Python, Java, and others, to write infrastructure-as-code scripts that define your AWS environment.

To create an IAM user in the AWS CDK, you will need to write a script that creates an IAM user object and assigns the desired permissions to it. To get started, you will need to install the AWS CDK and initialize a new project in your preferred programming language.

Here is an example of how to create an IAM user in the AWS CDK using TypeScript:

import * as cdk from 'aws-cdk-lib';
import * as iam from 'aws-cdk-lib/aws-iam';

export class IamUserStack extends cdk.Stack {
  constructor(scope: cdk.App, id: string, props?: cdk.StackProps) {
    super(scope, id, props);

    const user = new iam.User(this, 'IamUser', {
      userName: 'iam-user',
    });

    const policy = new iam.Policy(this, 'Policy', {
      policyName: 'IamUserPolicy',
      statements: [
        new iam.PolicyStatement({
          actions: ['s3:ListBucket'],
          resources: ['arn:aws:s3:::*'],
        }),
      ],
    });

    policy.attachToUser(user);
  }
}

In the code above, we first import the AWS CDK and IAM modules from the aws-cdk-lib library. Then, we define a new IAM user by creating an instance of the User class and specifying the desired user name.

Next, we create an IAM policy using the Policy class. The policy defines the permissions that will be assigned to the IAM user. In this example, we are granting the ListBucket action on all S3 buckets in the AWS account.

Finally, we attach the policy to the IAM user using the attachToUser method of the Policy class.

Once you have written the script, you can use the AWS CDK CLI to deploy the IAM user to your AWS environment. To deploy the IAM user, you will need to run the following command in your terminal:

cdk deploy

The AWS CDK will then create a CloudFormation stack and deploy the IAM user to your AWS environment. You can verify the successful deployment of the IAM user by logging into the AWS Management Console and checking the IAM section.

To destroy the above stack:

cdk destroy

In conclusion, the AWS CDK provides an easy and convenient way to manage IAM users in your AWS environment. With the AWS CDK, you can define IAM users and their permissions using code, making it easy to automate the creation and management of IAM users in your AWS environment.

Did you find this article valuable?

Support Mikaeel Khalid by becoming a sponsor. Any amount is appreciated!

AWSaws-cdkIAM#IaC