Create an IAM User Group

CloudCheckr recommends that all IAM users belong to an IAM user group, so you can apply group permissions to users who are members of group automatically.

It's more practical to create groups that relate to job functions—such as administrators, developers, finance professionals—and define the relevant permissions for each group. Once you have created your groups, you will assign IAM users to those groups. All the users in an IAM group inherit the group permissions. When you change the group permissions, AWS will filter those changes to any IAM user that is a member of that group.

This topic shows you how to create an IAM user in the AWS Management Console.


  1. Log in to the AWS Management Console.
  2. From the AWS Services screen, select Security, Identity & ComplianceIAM.

  3. From the dashboard, click Groups.

    The groups list displays.
  4. Click the Create New Group button.

    The Create New Group Wizard opens.

  5. Type a group name. Click Next Step.

    The policy list displays.
  6. Select the checkbox associated with the policy or policies you created and click Next Step.

    The page displays the new IAM group name and the attached policy.
  7. Click Create Group.

    AWS adds the new IAM group to the group list.

How did we do?