Adding and removing users in an IAM user group - Amazon Identity and Access Management
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.

Adding and removing users in an IAM user group

Use user groups to apply the same permissions policies across multiple users at once. You can then add users to or remove users from an IAM user group. This is useful as people enter and leave your organization.

View policy access

Before you change the permissions for a policy, you should review its recent service-level activity. This is important because you don't want to remove access from a principal (person or application) who is using it. For more information about viewing last accessed information, see Refining permissions in Amazon using last accessed information.

Add or remove a user in a user group (console)

You can use the Amazon Web Services Management Console to add or remove a user from a user group.

To add a user to an IAM user group (console)

  1. Sign in to the Amazon Web Services Management Console and open the IAM console at https://console.amazonaws.cn/iam/.

  2. In the navigation pane, choose User groups and then choose the name of the group.

  3. Choose the Users tab and then choose Add users. Select the check box next to the users you want to add.

  4. Choose Add users.

To remove a user from an IAM group (console)

  1. Sign in to the Amazon Web Services Management Console and open the IAM console at https://console.amazonaws.cn/iam/.

  2. In the navigation pane, choose User groups and then choose the name of the group.

  3. Choose the Users tab. Select the check box next to the users you want to remove and then choose Remove users.

Add or remove a user in a user group (Amazon CLI)

You can use the Amazon CLI to add or remove a user from a user group.

To add a user to an IAM user group (Amazon CLI)

To remove a user from an IAM user group (Amazon CLI)

Add or remove a user in a user group (Amazon API)

You can use the Amazon API to add or remove a user in a user group.

To add a user to an IAM group (Amazon API)

To remove a user from an IAM user group (Amazon API)