In this blog post, I will show you how to create a read-only AWS account for view only purposes.
It is very common to give read-only access to AWS when you need to give specific people access to view your AWS configuration.
In cases like that, you don’t need to give them access to create or configure services.
To get started, I will log in to the AWS management console and create an IAM user.
From the AWS console search for IAM and click on Users from the left navigation menu.
From the users’ menu, click on Add user.
In my case, I will call the user ReadAdmin and give it AWS management console access only.
If need I can also enable programmatic access.
In the permissions page, I will select Attach existing policies directly.
I will use the Filter policies drop-down menu, I will select AWS managed – job function, as shown below.
From the policy name, I will select ViewOnlyAccess
I will finish the wizard and log is as I read the only user.
After I logged in and tried to create a user or a resource, I will receive the following error.