Automated account creation using AWS CLI - Kahuna915/Capstone-Cloud-Integration GitHub Wiki
Bulk import IAM users into IAM Identity Center:
- Keep in mind you need to have a SAML IdP
- But in our case we will be using an on-premises AD...
- Which we can't set up because it's too expensive: 36.00 a month for slow speeds or 108.00 for speed.
- First you would set up an AD Connector:
- Then you would follow these steps with the VPC and subnets that Tanner created.
- Then head over to IAM Identity Center, click "Change identity source", then click "Active Directory" and choose it. It should then pull the accounts.
In our case, we would need to automate the creation of accounts for the on-premises AD, which is already created.
- So what I began working on is a script that would mass import into an Identity Center directory.
- I set up AWS CLI in Visual Studio Code:
- This requires a secret key and access key for the IAM account.
My script for creation of IAM users test:
- I use CloudFormation to create a stack and run the script I created:
- It is in progress...
- It failed, defined the policy incorrectly...let me try again.
And on attempt 3 we have success:
- And we see here the policy that was created:
- Here is my script: Creating Users Script through Cloud Formation
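The mass import into an Identity Center directory mentioned above can be driven from the AWS CLI with `aws identitystore create-user`. The following is an added example, not the script from this wiki: it validates each CSV row against an allow-list and prints the commands as a dry run unless `APPLY=1` is set. The CSV layout, the function names and the placeholder identity store ID `d-0000000000` are assumptions.

```sh
# Added example: dry-run-first bulk creation of IAM Identity Center users.
# Assumed CSV layout (hypothetical): username,given_name,family_name,email

# Run the command only when APPLY=1; otherwise print what would be run.
run() { if [ "${APPLY:-0}" = 1 ]; then "$@" </dev/null; else echo "DRY-RUN: $*"; fi; }

# Allow-list every field before it reaches the CLI shorthand syntax.
# ASCII-only classes are an assumption here; widen them for your directory.
valid_row() {  # args: store_id username given family email
  [ "${#1}" -eq 12 ] || return 1
  case $1 in d-*) ;; *) return 1 ;; esac
  case ${1#d-} in *[!0-9a-f]*) return 1 ;; esac
  case $2 in ''|*[!A-Za-z0-9._-]*) return 1 ;; esac
  [ -n "$3" ] && [ -n "$4" ] || return 1
  case $3$4 in *[!A-Za-z.-]*) return 1 ;; esac
  case $5 in *[!A-Za-z0-9._+@-]*|*@*@*|@*|*@) return 1 ;; *@*.*) ;; *) return 1 ;; esac
}

create_user() {  # same args as valid_row
  valid_row "$@" || { echo "SKIP: invalid row for '$2'"; return 1; }
  run aws identitystore create-user --identity-store-id "$1" \
    --user-name "$2" --display-name "$3 $4" \
    --name "GivenName=$3,FamilyName=$4" \
    --emails "Value=$5,Type=work,Primary=true"
}

import_users() {  # arg: store_id; CSV with a header row on stdin
  ok=0; bad=0
  read -r _header || return 0
  while IFS=, read -r user given family email || [ -n "$user" ]; do
    if create_user "$1" "$user" "$given" "$family" "$email"; then ok=$((ok + 1)); else bad=$((bad + 1)); fi
  done
  echo "accepted=$ok rejected=$bad"
}

# Constructed sample input: row 2 has a malformed address, row 3 an extra
# column, so "Extra,jdoe@example.com" lands in the email field and is refused.
sample_csv() {
  cat <<'EOF'
username,given_name,family_name,email
alovelace,Ada,Lovelace,ada@example.com
ghopper,Grace,Hopper,grace-at-example.com
jdoe,John,Doe,Extra,jdoe@example.com
EOF
}

# d-0000000000 is a placeholder identity store ID, not a real one.
sample_csv | import_users d-0000000000
```

Review the dry-run output before setting `APPLY=1`; the credentials in use then need permission for `identitystore:CreateUser`.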
Resources used:
AWS AD on prem to cloud:
- https://docs.aws.amazon.com/directoryservice/latest/admin-guide/directory_ad_connector.html
- https://docs.aws.amazon.com/singlesignon/latest/userguide/connectonpremad.html
- https://docs.aws.amazon.com/singlesignon/latest/userguide/manage-your-identity-source-ad.html
Setting Up Auto accounts for IAM users:
https://aws.amazon.com/blogs/security/how-to-bulk-import-users-and-groups-from-csv-into-aws-sso/
AWS control tower account import:
AWS to VSCode & beginning of YAML
- https://www.sqlshack.com/getting-started-with-aws-toolkit-for-visual-studio-code/
- https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-user.html
- https://www.techtarget.com/searchaws/video/Automate-user-and-group-creation-with-this-AWS-IAM-tutorial