Learning IAM policies can be difficult and a little tricky. During our lab Introduction to IAM, the most common issue reported is that a student cannot create a user/group or other various permission errors.
The error you might receive usually means you accidentally misconfigured a command or resource earlier in the lab. The most common misconfigured setting is when the user group is not named properly such as "DevOps"
It's important to note that IAM is capitalization sensitive!
In order to double-check this step, please see below:
Ensure that the environment has fully loaded 100% before starting the lab to make sure all permissions and resources have synced.
Log into AWS using the provided credentials for the lab session.
Go to IAM services, you may ignore the below error if it pops up:
4) Go to user groups and create a user group based on the below requirements:
Group name: DevOps (please observe capitalization)
Attach the policy: AmazonEC2ReadOnlyAccess
Please ensure you are searching in the box that is labeled "attach permissions policies," and it should be available. Paste the policy as-is:
5) Click create the group and you should be able to pass the 1st check:
6) Continue with the rest of the lab steps, which will require you to create a user and add that user to the user group you have just created. If followed closely, you should be able to clear the next check as well. Below is the setting when creating the user. Please ensure that it is named “John” and observe the capitalization once more:
7) The last step is to log in to AWS using the user's credential from your previous step.
A pro tip: Make sure you have downloaded the CSV file from when you created the user, as you will need the password to log in. Once you successfully log in to AWS, you should be able to clear the last check and finish the lab:
I hope this helps! Should you continue to encounter an issue, please do not hesitate to let us know by emailing email@example.com with a screenshot of any errors you have received.