Comprehensive Guide...

Creating an AWS (Amazon Web Services) account and configuring it properly is crucial for leveraging the power of cloud computing while ensuring security and cost-efficiency. This guide provides step-by-step instructions on how to create an AWS account, set up an IAM (Identity and Access Management) user, and follow best practices to maintain a secure and well-managed environment. Whether you're new to AWS or looking to refine your account setup, this comprehensive guide will help you navigate the process effectively.

Step-by-Step Guide to Creating an AWS Account

Step 1: Sign Up for an AWS Account

1. Visit the AWS Page: Go to https://aws.amazon.com/ and click "Create an AWS Account".

1. Enter Account Details: Provide your root user email address and choose an AWS account name.

1. Verify your email

4.Contact Information: Enter your contact information including your address and phone number.

1. Payment Information: Enter your credit card details. AWS offers a free tier for new users, but you need to provide payment details for any usage beyond the free tier.

1. Identity Verification: AWS will send a verification code to your phone number.

1. Select Support Plan: Choose a support plan. AWS offers four support plans, including Basic (free), Developer, Business, and Enterprise. For this article, we will be choosing the “Basic support - Free” plan.

1. Complete the Registration: Once you’ve filled in all the required information, click "Create Account and Continue". Your AWS account will be created.

Step 2: Configure Root Account Security

1. Sign in to the AWS Management Console using the root account.

2. Enable Multi-Factor Authentication (MFA):

   • Through search bar, search for IAM and Go to the IAM dashboard.

• Select “Add MFA on your root account” and follow the instructions to configure MFA.

• For this tutorial, we’ll choose “Virtual MFA device” from the list of options, and select “Continue.” However, you can choose another option if it suits you better. Make sure to keep the generated QR code up for the following three steps.

1. Set Up Billing Alerts:
   • Go to the Billing and Cost Management Dashboard.
   • Set up billing alerts to monitor your AWS usage and costs.

Creating an IAM User and Accessing AWS CLI via AWS Management Console

The AWS Command Line Interface (CLI) is a unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts..Some of the benefits of using the AWS CLI include:
Easily automate tasks and workflows using scripts.
Access all AWS services and features from a single command line interface.
Perform tasks faster as compared to using the AWS Management console.
Execute commands from any environment with AWS CLI installed, including local machines and servers.
Manage configurations and changes using version controlled scripts.
Developers gain a deeper understanding of cloud computing principles and AWS architecture.
This document provides step-by-step instructions to set up and access AWS CLI using the AWS Management Console

Step 1 : Create an IAM user with appropriate permissions to use the AWS CLI
In the AWS Management Console, go to the IAM (Identity and Access Management) service.

1. In the navigation pane, click Users and then Add user.
2. Enter a User name and check the box to give the user access to the AWS Management Console
3. Select I want to create an IAM User

1. On the console password, choose between an automatically generated password or a custom one, then proceed by clicking Next.

2. Setting permissions for the user.
   Add User to a Group
   It is a best practice to first add a user to a group and then attach policies to the group. This approach simplifies the process of managing permissions. Changes made to the permissions are applied across all members of the group which reduces the risk of errors and inconsistencies in access control.

Click on Create group or add the user to an existing group with appropriate permissions.
Enter a group name and proceed to click on create policy. Following the principle of least privilege, we will grant our users only the permissions necessary for their tasks.

Click on JSON and write the policy needed. The policy below allows the user to describe various ec2 resources such as ec2 instances and also allows the user to retrieve details about their own IAM identity, such as the account ID, IAM user ID, and the ARN (Amazon Resource Name) of the caller. Click Next

-Enter a name for the policy, then click Create policy.
-Use the search bar to find the policy by name. Click on the policy we created, then click Create user group. This will create the group and attach the policy to it.

-Click on Next , then Create User.

Step 3: Creating access keys for the User
-Click on Users on the left panel then click on Create access key

-Click on Command Line Interface then choose Next

After clicking on Create access key, you have the option to download the credentials as a .csv file. Remember to follow best practices for managing access keys:
-Never store your access keys in plain text, in a code repository or in code.
-Disable or delete the access keys when they are no longer needed.
-Enable least privilege permissions.
-Rotate access keys regularly.

Step 4: Install the AWS CLI

On Windows (Git bash used):
Click on the link below to download the installer:
https://awscli.amazonaws.com/AWSCLIV2.msi
Click on the downloaded file to start the installation then click Next

3.Agree to the terms by ticking the box then click Next

4.Choose the installation location. You can leave it as default then Click Next

5.Click on Install to start the installation process.

1. Confirm Installation by clicking on Yes

2. Click on Finish

Part 2 : Configure AWS CLI On Windows

Open command prompt or git bash on your system to run the following commands( Git bash has been used)

1.Confirm whether aws cli was successfully installed using this command.

2.If aws cli was installed successfully, bash will produce the output above.

3.To configure credentials for AWS, enter the following command to get started.

4.Provide the access key ID and secret access key and hit Enter

5.Verify the Installation
To verify that the AWS CLI is installed correctly and can connect to your AWS account, run:

   aws sts get-caller-identity

If configured correctly, this command will return details about your IAM user, such as the user ID and ARN.
6.Confirm if we can access our AWS account via the CLI by listing instances running in the current region.

As shown, there are no instances currently running.

Installing AWS CLI On Linux:
1.Open the Terminal and run:
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install


Installing AWS CLI On macOS:
1.Open the Terminal and run:
curl "https://awscli.amazonaws.com/AWSCLIV2.pkg" -o "AWSCLIV2.pkg"
sudo installer -pkg AWSCLIV2.pkg -target /


Conclusion

Creating and securing your AWS account is important.This guide has provided step-by-step instructions on how to create an AWS account, set up an IAM user, and follow best practices to maintain a secure and well-managed environment.

From signing up for an AWS account and configuring root account security to creating IAM users and setting up the AWS CLI, these steps help ensure that you can manage your AWS resources effectively and securely. By following these guidelines, you can confidently navigate your AWS account setup, automate tasks using the AWS CLI, and maintain a secure cloud environment.

Comments

[Tessa Angelika]

A very comprehensive guide. Well done.