How To: Provide Read-Only Access on the AWS Console

Chris Alexander
Chris Alexander
Digital Marketing Innovator
Share article to

Often there is a case when you have to provide read-only access to a user on your Amazon Web Services (AWS) account for security, training, or audit purposes. You may be exploring options to onboard a engineer or vendor and this is an effective and secure way to allow them to get a better understanding of your setup without the risk of breaking something.

In this insight, we will show you the steps needed to assign read-only access to any users, through the AWS console.

Create a Group

This step is optional, but we would suggest it as best practice. Groups allow you to easily manage users and policies.

In this example, we are creating a group named “auditors”. Choose a name that is self-explanatory and relevant to your organization.

Screenshot of the Set Group Name screen within the AWS console.

Attach an IAM Policy to Group

On the next screen, while creating a group, you have the option to attach a policy to the group. Search and select the predefined AWS policy named ‘ReadOnlyAccess’.

Screenshot of the Attach Policy screen within the AWS console.

To reference the attached policies to a group, check the Permissions tab under the Group details.

Screenshot of the Permissions tab under the Group details within the AWS console.

Create a new User

Create a new and assign the group to the user, this will automatically assign the ReadOnlyAccess policy to the user. In our example, we have named the “audit-user”.

  1. Create the new user in IAM:
    Screenshot of creating a new users within the AWS console
  2. Assign new user to newly created group:
    Screenshot of Assigning new user to Group policy through AWS console

Verify the account

Login with the newly created user and verify that you have visibility to areas, such as the S3 buckets and VPCs, however, you will not not be able to make any changes or launch any instances.

In conclusion, the AWS Managed Policy makes it very quick and easy to grant read-only access through the AWS console. If you have any questions or require further assistance with your AWS setup, please get in touch to connect with a HomeTree Digital engineer.

About HomeTree Digital

HomeTree Digital is a full-service digital marketing agency for financial services. We specialize in branding & creative, videography, web & mobile development, integrations, automations, email marketing, social media marketing, paid advertising, SEO, and analytics. If you are facing challenges in any of these areas, please reach out to us for assistance.
HomeTree is defined as a wise resourceful home that provides knowledge, instills inspiration, encourages creativity and protects. While harmoniously connecting its residents through its branches and roots to the outer world. This accurately describes the approach we take when it comes to our clients. We believe in excellent customer service and prioritizing you. Our mission is to provide you with the know-how to succeed in this rapidly evolving digital world.

Chris Alexander

About the author

Chris Alexander is a digital marketing innovator at HomeTree Digital since 2020. He eats, sleeps, and breathes digital. His technical background, having studied Software Engineering at the Hellenic Mediterranean University in Crete, gives him a strong acumen for solving complex technical problems and a solid track record of project management. With a calm demeanor and an affinity for gaming design, he also balances his skills with newer generational videography, including AI-generated and text to speech technologies.

Continue reading...

Man speaking at a conference.
Improve your website load time and SEO by reducing the number and size of HTTP requests that your web page mak...

Contact us

    Interested in working together? Please complete the form below and we will get back to you soon.

    This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.