Post
Ask Question

AWS for Newbies: The First Two Steps You Can't Miss

This is a concise article that outlines essential steps for individuals new to Amazon Web Services (AWS) to get started on their cloud computing journey. The article highlights two key actions that beginners should prioritize before doing some R&D on AWS.

To Do 1. Creating an IAM User

  • To begin, access your AWS Account and utilize the search bar to locate and navigate to IAM.
  • If you have not yet added MFA (Multi-Factor Authentication) to the root user, locate the “Add MFA” option found under Security recommendations and click on it to initiate the setup process. (You can use any MFA App like Google Authenticator or Microsoft Authenticator)
  • After completing the MFA setup, select the user from the left pane of the IAM (Identity and Access Management) console.

Before delving into further details, let’s familiarize ourselves with two user types in IAM (Identity and Access Management).

Root User: The Root User in IAM refers to the user account created when setting up an AWS account. It is associated with the email address and password used for logging in. The Root User possesses full administrative access and control over the AWS Cloud account, including the ability to manage all resources and services. It is essential to secure and manage the Root User credentials carefully to maintain the overall security of the AWS account.

IAM User: IAM Users are user accounts created within AWS IAM (Identity and Access Management) that allow you to control their access to AWS resources and services. IAM Users have their own credentials (username and password) separate from the Root User. By defining policies and permissions, you can manage and restrict the actions and resources that IAM Users can interact with within the AWS environment.

Certainly! Let’s continue with the steps we were following.

  • Click on Add User.
    Create IAM User in AWS
  • Enter a desired username, such as “admin”, in the “Username” field. Enable the checkbox for “AWS Management Console access” to grant the user access to the AWS Management Console.
    Create IAM User in AWS
  • Click on “I want to create an IAM user” under “Are you providing the console access to the user”.
  • Click on “auto-generate password” and give a checkmark on “User must create a new password on next sign-in”.
  • Click on Next.
  • By default, this user will not have any access. You can give access by clicking on the “Attach Policies Directly”.
  • Read those permissions and give those policies that are required as per your use case.
  • Once done. click Next.
  • Then click on Create User.
  • Once the account is created, click on “Download CSV File”. This file will contain the username and password for the IAM user, along with the account URL.
  • You can also add MFA to this user under security credentials.

To Do 2. Set Billing Alarm

To set the billing alarm, we need to enable few options in the AWS,

  • Navigate to the Billing section. You can find it under your username.
  • Click on Billing Preferences on the left pane.
  • To enable PDF invoice delivery preferences for the user, simply check the box associated with “PDF” in the Invoice Delivery Preferences section.
  • Enable both “AWS Free Tier Alerts” and “CloudWatch Billing Alerts” under Alert Preference.
  • Utilize the search bar to locate and navigate to CloudWatch. CloudWatch is an AWS monitoring service.
  • Make sure your AWS account region is in N. Virginia. You can make sure of this by finding this near your username on the top-right corner.
    Set Billing Alarm in AWS
  • Navigate to All Alarm under Alarms in the left pane.
  • Click on “Create Alarm”.
  • Click on Metric.
  • You will see an option called Billing and navigate to Total Estimated Charge, select USD, and click on Select Metric.
  • Define the threshold value as 5 (you can define this according to your use case). This will send you an alert if your bill reaches 5 USD.
  • Click on Next.
  • To create notifications, it uses a service called SNS (Simple Notification Service) 
  • Click on Create New Topic and provide a name to your topic. Provide your email under Email Endpoints. The notification will be sent to the email address that you provided here.
  • Click on Create Topic and click on Next.
  • Give the alarm a name and a description, and click Next.
  • Now review it and click Create Alarm.
  • You will receive an email to verify your email address. Make sure you verify it or else you won’t receive any billing alert.


Similar Articles