Overview
Securely create and configure an IAM Group in AWS with selected users and policies. This plan walks you through defining the IAM group name, optionally adding existing IAM users, attaching AWS-managed policy ARNs, and simulating permissions using a specified IAM principal. This ensures the setup is authorized and verified before deployment.
Execution Details
Phase 1 - Assessment: Collect All Inputs
- Capture IAM Group Name: Define the group name to be created in AWS IAM.
- Decide on Adding Existing IAM Users: Optionally specify if any current IAM users should be added to the new group.
- List IAM Usernames: If users are to be added, enter their names as a comma-separated list.
- Attach Policy ARNs: Input one or more AWS managed policy ARNs to be attached to the group.
- Permission Simulation ARN: Provide the IAM principal (user or role) to verify access via simulation.
Phase 2 - Summary & Confirmation
- Summarize Configuration: Display group name, attached policies, and IAM usernames provided.
- Confirm Configuration: Let the user review and approve before actual creation.
Phase 3 - Configuration: Create IAM Group, Attach Policies, Assign Users
- Create IAM Group: Provision the IAM group in the selected AWS account.
- Attach IAM Policies: Assign the specified managed policies to the group.
- Add IAM Users (If Applicable): Add the listed users to the group.
Phase 4 - Validation: Simulate and Verify Permissions
- Simulate IAM Actions: Use the provided principal ARN to simulate IAM actions (create group, attach policy, add users).
- Verify Configuration Success: Ensure all actions completed successfully and permissions align with expected setup.