This year I’ve started studying towards the AWS Certified Solutions Architect Associates exam. As a side to my studies, since I also use PowerShell a lot, I thought it’d make sense to also look into the AWS Tools for Windows PowerShell and see what cmdlets they provide. The first module as part of my studying was on Identity and Access Management or IAM.
Below are examples of the PowerShell cmdlets used to create, update and remove IAM users. I will look to write subsequent posts on other IAM objects such as groups and roles. Note you will need to have set up AWS Tools for Windows PowerShell and set up appropriate security for your AWS Credentials before running these commands.
To create a user we use the New-IAMUser cmdlet. Below is an example and the output once successfully executed; I have removed my AWS account number from the screenshot.
You can retrieve this user’s details by using the Get-IAMUser cmdlet. If you do not pass the -UserName parameter, it will retrieve the details of the user currently logged in.
If you want to edit a user’s username or path (as of right now I’m not sure what Path is used for when creating or updating a user) you use the Update-IAMUser cmdlet. Note I have also passed the -Force switch parameter to override the confirmation prompt.
Last but not least, we can delete the user by using the Remove-IAMUser cmdlet. Note I have passed the -Force switch parameter to override the confirmation prompt. Calling Get-IAMUser for TestUser2 returns an error message that the user with name TestUser2 cannot be found. This confirms the TestUser2 user was removed successfully.
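The create, read, update and remove sequence described above, written as one script. This is an added example, not the author's original code or screenshots; the starting name TestUser and the path /test/ are assumptions, and it expects the AWS Tools module and credentials to be set up already.

```powershell
# Added example. Assumes the IAM cmdlets are available (AWSPowerShell or
# AWS.Tools.IdentityManagement) and default AWS credentials are configured.
$ErrorActionPreference = 'Stop'

$name    = 'TestUser'    # assumed starting name
$renamed = 'TestUser2'   # name used in the post
$path    = '/test/'      # constructed path; it appears in the ARN before the user name

# Create the user. The Arn property is left out of the display because it
# contains the AWS account number.
New-IAMUser -UserName $name -Path $path |
    Format-List UserName, Path, UserId, CreateDate

# Read it back by name. Without -UserName the cmdlet returns the IAM user
# whose credentials signed the request.
Get-IAMUser -UserName $name | Format-List UserName, Path, UserId

# Rename. -Force suppresses the confirmation prompt, so check the target
# name before running this unattended.
Update-IAMUser -UserName $name -NewUserName $renamed -Force

# Delete. A freshly created user has no access keys, policies or group
# memberships; a user that does must have them removed first.
Remove-IAMUser -UserName $renamed -Force

# Verify the deletion: only a NoSuchEntity error counts as "gone". Any other
# failure (for example access denied) is rethrown rather than treated as success.
try {
    Get-IAMUser -UserName $renamed | Out-Null
    Write-Warning "$renamed still exists"
}
catch {
    $ex = $_.Exception
    $notFound = $false
    while ($ex) {
        if ($ex.GetType().Name -eq 'NoSuchEntityException') { $notFound = $true; break }
        $ex = $ex.InnerException
    }
    if (-not $notFound) { throw }
    Write-Host "Confirmed: $renamed was removed"
}
```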
That’s all for Users; in the next post I will look at Groups. If you want more details, all the cmdlets I’ve written about above (and will write about for IAM) can be found here.