Getting Started with AWS

Part 1: Creating an AWS Account and Setting up IAM

Getting Started with AWS

You finally want to get your feet wet and play around with Cloud Technology. For this Article Series, I will use Amazon Web Services (AWS). This is intentional as AWS is not only the most popular Cloud Provider out there, but it also comes with a lovely free tier that you can play around with for an Year.

Let's get started by creating an account on AWS. You need a credit card to create an account. Do not worry, you'll not be charged for creating an account. AWS will however take 1 USD and return it after a few hours, just to ensure that the credit card is functional, nothing fishy.

Step 1: Create a Root Account

The root account / root user has complete access to all AWS service and resources. We will however not use the root account for day to day activities. We will use it instead to create another user, called an IAM user. We shall discuss the differences between the accounts later in the article. But first, let's create an account on AWS.

Head on over to The AWS Homepage

aws homepage.png

Click on the Get Started for Free or Create an AWS Account at the top right

aws free tier.png

Click on the Create a Free Account or Create an AWS Account at the top right

aws sign up.png

Fill in the Form with your details as directed. You'll be sent a confirmation URL to your email, the usual processes that take place with any account creation. I already have an account so I'll wait for you to finish the steps and sign into your AWS Root Account.

Once you've signed in, you'll be presented with The AWS Console! It simply your dashboard; where you get to spin up servers, provision resources, etc.

aws console initial.png

Click on Switch to the new Console Home

aws console.png

Your console might look a little different from mine, but that is because I have used some AWS Services as you can see in the image.

Step 2: Create an IAM User

IAM (pronounced "eye-yam") is a service that allows you to create 'mini-users' that have specific controlled access to AWS Services/Resources. For example, you have a user in your organization that deals with data storage (AWS provides a storage service called S3). You want this user to only work with the S3 Service and nothing more (we don't want the user to run around creating servers and using other AWS Services). IAM lets us create an IAM account to which we can attach these 'restrictions'/policies.

From the AWS Docs: AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources. You use IAM to control who is authenticated (signed in) and authorized (has permissions) to use resources.

To create an IAM Account, search IAM in the search bar at the top. This will be the main way we navigate AWS henceforth.

root iam search.png

Click on the first option IAM

iam dashboard.png

Your IAM Dashboard might look a little different from mine, since this is the first time that you are using the AWS IAM Service. Click on Users in the side nav-bar.

create iam user.png

I have created a few IAM users as you can see; I have blurred the names. Click on Add users

iam add user details.png

Give your user a name. I have named mine "server-admin" In the "Select AWS access type", select Password; the user we create will be required to sign in using a password. We can create the password, but I'll let AWS auto-generate a password and Require the user to reset their password. After filling in the details, click on Next: Permissions

iam add user.png

I have a few custom groups as you can see.

Click on Create group in the "Add user to group" section.

iam security policy.png

Select the first option "AdiministratorAccess"

adminAccess security group.png

Proceed to Create Group and Click on Next: Tags

iam tags optional.png

Tags are especially useful when you have multiple users; you can use tag to organize and track users. We will skip this section for now. Click on Next: Review

iam review user.png

This page provides a summary of our User. Finally, Click on Create user

iam user creation success.png

Congratulations!!! You have successfully created your first IAM User. Make sure to click on Download .csv to get the credentials and sign in information associated with the user.

Step 3: Sign in as an IAM User

Now that we've created the IAM User named "server-admin", we can sign in by visiting the URL in our new_user_credentials.csv that we downloaded in the previous step.

The "Account ID" should be filled for you. Fill in the "IAM user name" and "Password" from the .csv file.

sign in as iam.png

You will be prompted to change your password once signed in.

change iam password.png

You will be presented with the AWS Management Console, similar to the console we saw when we created our AWS Root Account.

aws console initial.png

Click on Switch to the new Console Home

aws console.png

Again, your console might look a little different from mine, but that is because I have used some AWS Services as you can see in the image.


Step 4: Recap

  1. We started by creating an AWS Root Account
  2. In AWS Management Console (dashboard) we searched for the IAM Service to create an IAM Account.
  3. We signed into the IAM Account and changed our password as directed.

Since our IAM Account (mine is named "server-admin") has Administrator-Access, we can use it to create another IAM Account with less access/privilege to AWS Services.

We can now refrain from using our root account for day to day activities, and use the IAM Account instead.

Some of the Tasks that Require Root Account (root user credentials)

  • Changing account settings: account name, email address, root user password and access keys
  • Closing the AWS Account
  • Change or Cancel your AWS Support Plan
  • Viewing certain tax invoices.

Further reading (resources used in this tutorial article)

buymeacoffee.png