
How to Attach a Policy to a User in AWS IAM

To attach a policy to a user in AWS, use the aws iam attach-user-policy command with the user's name and the policy ARN. Alternatively, you can attach policies via the AWS Management Console by selecting the user and adding the desired policy.

Syntax

The AWS CLI command to attach a policy to a user is:

aws iam attach-user-policy --user-name <UserName> --policy-arn <PolicyARN>

Here:

  • --user-name: The name of the IAM user you want to attach the policy to.
  • --policy-arn: The Amazon Resource Name (ARN) of the policy you want to attach.

aws iam attach-user-policy --user-name Alice --policy-arn arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess

Example

This example attaches the AmazonS3ReadOnlyAccess policy to a user named Alice using the AWS CLI.

aws iam attach-user-policy --user-name Alice --policy-arn arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess

Common Pitfalls

  • Passing a --user-name that does not exist causes an error.
  • Providing an incorrect or misspelled --policy-arn causes the attachment to fail.
  • Trying to attach a policy without sufficient IAM permissions will result in an access denied error.
  • Remember that attaching a policy does not replace existing policies; it adds to the user's permissions.

# Incorrect usage: this policy ARN does not exist, so the attachment fails
aws iam attach-user-policy --user-name alice --policy-arn arn:aws:iam::aws:policy/NonExistentPolicy

# Correct usage:
aws iam attach-user-policy --user-name Alice --policy-arn arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess
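
The pitfalls above can be checked before the attach call is made. The following is an added example, not part of the original page or of the AWS CLI: attach_user_policy_checked is a hypothetical helper name, and the exit codes 2 to 5 are arbitrary choices. It uses only the existing get-user, get-policy, list-attached-user-policies and attach-user-policy subcommands.

```bash
# Added example: pre-flight checks around `aws iam attach-user-policy`.
# attach_user_policy_checked is a hypothetical helper, not an AWS CLI feature.
attach_user_policy_checked() {
  local user="$1" policy_arn="$2" attached

  # Pitfall: the user name must exist.
  if ! aws iam get-user --user-name "$user" >/dev/null 2>&1; then
    echo "error: IAM user '$user' not found (or iam:GetUser denied)" >&2
    return 2
  fi

  # Pitfall: the policy ARN must resolve to a real policy.
  if ! aws iam get-policy --policy-arn "$policy_arn" >/dev/null 2>&1; then
    echo "error: policy '$policy_arn' not found (or iam:GetPolicy denied)" >&2
    return 3
  fi

  # Attaching adds to existing permissions, so show what the user already has.
  attached=$(aws iam list-attached-user-policies --user-name "$user" \
    --query 'AttachedPolicies[].PolicyArn' --output text) || return 4
  echo "already attached to $user: ${attached:-<none>}" >&2

  # Skip the call when the policy is already attached (tabs become spaces).
  case " $(echo $attached) " in
    *" $policy_arn "*) echo "no change: already attached" >&2; return 0 ;;
  esac

  # Pitfall: missing iam:AttachUserPolicy permission surfaces here.
  aws iam attach-user-policy --user-name "$user" --policy-arn "$policy_arn" \
    || return 5

  # Confirm the new attachment is visible on the user.
  aws iam list-attached-user-policies --user-name "$user" \
    --query 'AttachedPolicies[].PolicyArn' --output text \
    | tr '\t' '\n' | grep -qxF "$policy_arn"
}
```

Call it with the same two values as the plain command, for example attach_user_policy_checked Alice arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess.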

Quick Reference

Summary tips for attaching policies to AWS users:

  • Use exact user names and policy ARNs.
  • Check your IAM permissions before attaching policies.
  • Use the AWS Management Console for a visual way to attach policies.
  • Detach policies with aws iam detach-user-policy if needed.

Key Takeaways

  • Use the AWS CLI command aws iam attach-user-policy with the correct user name and policy ARN to attach policies.
  • Ensure the IAM user exists and the policy ARN is valid to avoid errors.
  • You need proper IAM permissions to attach policies to users.
  • Attaching a policy adds permissions; it does not remove existing ones.
  • You can also attach policies via the AWS Management Console for ease.