Create a New AWS User and AWS API Credentials

Step 1:

  • Log into the AWS Management Console using an Admin account.

  • In the search field next to the Services drop-down menu, type IAM and then select the IAM service from the drop-down menu.

Step 2:

  • In the IAM dashboard, under Access Management (in the left column), select Users.

  • On the Users page, select Add users in the upper-right corner.

  • In the Add user pop-up, in User name, enter EIPCollector.

  • For Access type, select the Programmatic access check box.

  • Select the Next: Permissions.

Add Necessary Permission Policies

Step 3:

  • Under the Set permissions drop-down, select Attach existing policies directly.

  • Select Create policy to create a custom policy.

  • In the Create policy pop-up, on the Visual editor tab, for Service, select Network Firewall, and then select Read Only Actions.

  • For Resources, select Specific and select the Any in this account check-box for Firewall and FirewallPolicy.

  • There are no Request conditions to complete. Proceed to the next step.

  • No action is needed for the Add tags section unless it is necessary for the customer organization. Proceed to the Review page.

  • Create a Name and Description for the new policy. A recommended name and description are found in the image below.

  • Select Create.

Step 4:

  • In the Filter policies search field, type SecurityAudit and select SecurityAudit from the results. Repeat this procedure for AmazonVPCReadOnlyAccess, AWSNetworkManagerReadOnlyAccess, and the new custom NetworkFirewallReadOnly policies. No Permission boundary is needed.

  • Select Next: Tags.

  • No action is needed for the Add tags section unless it is necessary for the customer organization.

  • Proceed to the Review page.

  • Review the new user and ensure it has the needed traits, as shown in the image below.

  • Select Create user.

Step 5:

  • At the final stage of creating a new user, a success message displays. Under the success message, the newly generated Access key ID and Secret access key appear. Copy them and store them in a secure location.

Last updated