hello avatars
Over the last year or so I have been involved in many more cloud projects at my day job. Cloud is another great place to break into the tech market. Things are generally documented very well, which is not the default for many projects.
First you are going to need to create an AWS account, which will also involve adding a payment method to your account.
Create a strong password and enable multi-factor authentication (MFA), which just means that AWS will prompt you to prove your identity in a second manner, typically SMS or an authenticator app like Duo. The turbos out there can use a hardware factor like a YubiKey as well.
You have just created what is called the root or root user account. This account has full admin rights that cannot be taken away or diminished. This is significant because if the root user credentials get leaked you are rekt. It is also best practice to delete any access keys associated with the root user account. More reading here.
IAM, or Identity and Access Management, is the service used to manage permissions in AWS. IAM is a foundation service and one of the most important services for the overall security of your resources. Proper delegation and assignment of permissions is very important. More about IAM here.
Now that you have an account you need to create another IAM user. This is essentially another user to which you can delegate permissions. In this case we will give this user admin rights. You might be thinking that does not make any sense, but it does, because if this account is compromised you can remove the admin rights. Remember, this cannot be done with the root user account.
To create another IAM user, search for “IAM” in the top search bar and click on IAM.
On the left banner click “Users”, then in the top right click “Add User”. Enter any name you want; I prefer to have adm or admin in the name to remind myself it has admin-level privileges. For “select AWS credential type”, just selecting password is sufficient for now. If you want to follow the “hacker edition” and use the CLI you will need an access key. For the password, use a custom password and uncheck “require password reset”. Click “next”.
For the next screen:
Select “attach existing policies” and then check “AdministratorAccess”
Great, now you have your user set up. Log out of the current root user by clicking in the top right corner and selecting log out, then log in as whatever user you just created.
Great, you have an admin user inside of your AWS account.
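To confirm the setup above actually holds (root has MFA, root has no access keys), you can check the account's IAM credential report. The script below is an added example, not part of the original post; the sample report, account ID and user names are constructed, and the third check (console users without MFA) goes one step beyond what the post covers.

```python
import csv
import io

# Constructed sample data: a trimmed subset of the columns found in an IAM
# credential report. Account ID and user names are made up.
SAMPLE_REPORT = """\
user,arn,password_enabled,mfa_active,access_key_1_active,access_key_2_active
<root_account>,arn:aws:iam::111122223333:root,not_supported,false,true,false
adm-celt,arn:aws:iam::111122223333:user/adm-celt,true,false,false,false
ci-bot,arn:aws:iam::111122223333:user/ci-bot,false,false,true,false
"""

ROOT_USER = "<root_account>"  # how the credential report names the root user
KEY_COLUMNS = ("access_key_1_active", "access_key_2_active")


def audit_credential_report(report_csv):
    """Return a sorted list of (user, finding) tuples for the baseline checks."""
    findings = []
    root_seen = False
    for row in csv.DictReader(io.StringIO(report_csv)):
        user = row["user"]
        has_mfa = row.get("mfa_active") == "true"
        active_keys = [c for c in KEY_COLUMNS if row.get(c) == "true"]
        if user == ROOT_USER:
            root_seen = True
            if not has_mfa:
                findings.append((user, "ROOT_NO_MFA"))
            if active_keys:
                findings.append((user, "ROOT_ACCESS_KEY_ACTIVE"))
        elif row.get("password_enabled") == "true" and not has_mfa:
            # Console login protected by a password only.
            findings.append((user, "CONSOLE_USER_NO_MFA"))
    if not root_seen:
        # A truncated or wrong file must not pass as a clean result.
        findings.append((ROOT_USER, "ROOT_ROW_MISSING"))
    return sorted(findings)


if __name__ == "__main__":
    for user, finding in audit_credential_report(SAMPLE_REPORT):
        print(f"{finding:24} {user}")
```

The real report can be downloaded from the IAM console under “Credential report”, or fetched with `aws iam generate-credential-report` followed by `aws iam get-credential-report` (the CSV comes back base64-encoded).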
Step 1 complete.
stay tuned…
-Celt
more to come frens, strap in