Hosting static web with Amplify and Custom domain with Route 53. > IAM Policy

IAM Policy

In this section we will configure 2 users in IAM with certain permissions:

AmplifyDev is for developers who have permission to use AWS Amplify service to configure CI/CD and hosting Next.js app.
AdminUser for larger roles to configure global services (within the scope of the workshop is AWS Route53 service)

Step 1: On the homepage of aws.amazon.com, click the search bar and type IAM.

Step 2: In the AWS Dashboard, click User and select Create user.

Step 3: Create user infomation AmplifyDev and select Next.

Step 4: For config AmplifyDev permission, then search AdministratorAccess-Amplify và tick a box for assign permission for user and select Next.

Step 5: Overview user information and permission policy then select Create user.

Step6 6: Download the csv file to store user information and select Return to user list to return to the dashboard.

Repeat with user AdminUser

Step 1: Create AdminUser user information and select Next.

Step 2: Limit permissions to AdminUser, search AdministratorAccess and tick the box to assign permissions to the user and select Next to continue.

Step 3: Check the overall username and permissions of the user and select Create user.

Step 4: Download the csv file to store user information and select Return to user list to return to the dashboard.

Check the results in IAM Dashboard

NOTE: We clearly decentralize permissions to strictly manage services that groups of users can use AWS services for the right purpose.