AWS 0-01 - set up account, IAM


Basic Workflow for Setting Up an AWS Account

1. Register

  1. register different AWS accounts for different purposes like: production, testing, general…

  2. you can use the **Gmail +** trick to create multiple unique email addresses that all belong to a single Gmail address

2. MFA

  1. open dropdown at the top left and click Security Credential

  2. add MFA in the main dashboard

3. Billing and Budget Config

  1. open dropdown at the top right and click Account

  2. enable IAM User & Role Access to billing in the main dashboard

  3. click Billing preferences in the left bar and go to that dashboard

  4. enable PDF invoices delivered by email, Receive AWS Free Tier alerts, and Receive CloudWatch billing alerts in the current dashboard

  5. click Budget in the left bar and go to the dashboard

  6. create a budget based on your needs

4. Set an IAM Admin

IAM (Identity and Access Management)

Intro

3 roles in IAM:

3 Main Jobs of IAM

  • Manage Identities
  • Authenticate Identities: prove who you are
  • Authorize: allow or deny access to certain resource

Set up an IAM User Workflow

  1. you are in your root user account
  2. move to IAM console
  3. set account alias in main dashboard
  4. go to the user dashboard
  5. add a user there (uncheck "User must create a new password at next sign-in" if you don’t want it)
  6. use sign-in URL to access the account
  7. add MFA for IAM after signing in

IAM Access Keys

  • An IAM user has 1 username and 1 password
  • An IAM user can have 2 access keys
  • Access keys can be created, deleted, made inactive, or made active
  • Access key = Access Key ID + Secret Access Key
  • AWS does not allow any future downloads of the secret access key, so note it down when the key is created
  • The account user can have an access key, but this is not recommended; IAM users use access keys; IAM roles do not use access keys

Create Access Keys

  1. click Security Credential in dropdown
  2. scroll down and click Create Access Keys in main dashboard

Connect Access keys with CLI

  1. use this command to create a named profile in your environment that stores the access key under a specific name (replace <profile-name> with the name you choose)

    aws configure --profile <profile-name>
    
  2. enter access key id, secret access key, default region, default output format

  3. run

    aws s3 ls --profile <profile-name>
    

Author: Joe
Policy: Unless otherwise stated, all articles in this blog are licensed under CC BY 4.0. If reproduced, please credit the source: Joe!