The final step is to create the user that will be used in the Audit Trail Configuration application. From the Identity and Access Management (IAM) area, select ‘Users’ under the Access Management branch.

• Press the ‘Add User’ button
• Give the user a name e.g. AuditTrailUser.
• For the purpose of the Audit Trail Configuration application, it is not necessary to give the user access to the AWS Management Console i.e. the area that you are currently working in. Instead, they only need programmatic access so that the application can access AWS via an access key id and and secret access key.
• Check the ‘Programmatic access type’ check box.
• Press the ‘Next: Permissions’ button.
• Here we set the permissions. Select ‘Attach existing policies directly’.
• We need to select each of the policies given in the Permissions Needed section. Search for each policy in order to filter the long list of available policies.
• Ensure that you include the one that you created too i.e. BasicIAMRoleManagement. There should be eight in total.
• Press the ‘Next: Tags’ button. For the purposes of this process we do not need to add anything here.
• Press ‘Next: Review’
• Review the user you are about to create, ensuring that you have included all eight policies and then press ‘Create user’.

Make a note of the user’s Access key ID and Secret access key. These are important as you will need to enter them into the configuration application.