Reviewing Details and Editing an Existing User

On the Users panel, click on a user to review and/or edit. The User panel is displayed. For example:

This panel shows the user name and path. It also includes:

• ARN—Amazon Resource Name for the user
• Creation Date—Date/time when the user was created
• Account ID—Identification for the account in which the user is associated
• Active—Toggle to set a sub-user account as active or inactive.

You can clickto copy the ARN or Account ID to the clipboard. The panel also includes five options:

• Assigned Groups
• Change Password
• User Access Keys
• MFA Settings
• Policies

Active

You can set a sub-user account as active or inactive.

To make the sub-user account active, slide the option to the right. The word "Yes" is displayed and the slide option is blue:
When the sub-user account is inactive, the word "No" is displayed and the slide option is gray:

If you change the status, click Update to confirm.

Assigned Groups

Open the Assigned Groups drop-down on the user panel. The groups to which the user is associated are displayed. In this example, the user is associated with the test-engineers group:

To associate the user with additional groups:

1. Click in the Search Groups area.
2. If the list of groups is long, you can begin to type characters in the group name.
3. When the group name is displayed, click on it to associate the group with the user.

   

To remove an association, clickfor the group.

Change Password

Open the Change Password drop-down on the user panel.

To change the user’s password:

1. Click in the Change Password area.
2. Enter a new password that follows the password policy settings. As you enter a password, you can clickto show the password characters. Once you click outside the Change Password area, the Show tools will no longer be available.
3. If you want to require the user to reset the password, check the Require Password Reset option.
4. Click Save.

Denying Console Access

You can also use this tool to disable the user’s access to the Console. To do so, click Delete Access. To reinstate access, you need to assign a password.

User Access Keys

Open the User Access Keys drop-down on the user panel.

You can create a new access key, change its status, or delete an existing access key, as described below.

Creating an Access Key for a User

1. Click Create Access Key. A unique access key for the user is displayed. For example:

   

   To show the Secret Key, click the Show link. For example:

   

   Be sure to copy these keys and store them in a safe place. Notice that two buttons are provided to conveniently download the keys in a CSV file or copy the keys to the clipboard (and then paste them into a file to save).

2. After saving the keys, click X. The access key is displayed. For example:

   

Changing the Status of an Access Key

You can change the status of an access key from Active to Inactive.

To make the access key active, slide the option to the right. The slide option is blue:
When the access key is inactive, the option is gray:

Deleting an Access Key

1. Click Delete to the right of the access key you want to delete.

   

2. A message asks if you want to delete the access key. Click Delete to remove the key.

   

MFA Settings

Open the MFA Settings drop-down on the user panel. Refer to the description of Creating a Virtual MFA Device.

Policies

Open the Policies drop-down on the user panel. 

You can associate policies with the user. You can do so in two ways:

• Click in the Attach Managed Policy area at the top of the panel. Start typing to find the policy for the user. Select a policy from the drop-down. Attached policies are listed at the bottom of the panel under the heading, “Policies attached to [user].”
• Select one of the predefined policies listed in the middle of the panel. Simply click on + to the right of the policy name to add it to the user. (Refer to Policies for a description of each policy.)

To remove a policy from the user, clickfor the policy.