DEV Community

Cover image for Cloud Resume Challenge - Chunk 0 - Access, Credentials, and Certification Prep
Trinity Klein
Trinity Klein

Posted on • Edited on

Cloud Resume Challenge - Chunk 0 - Access, Credentials, and Certification Prep

#aws #career #beginners #security

The Cloud Resume Challenge starts long before you deploy your first Lambda function or wire up a DynamoDB table. The first step is creating a secure foundation—because AWS is powerful, and mistakes can lead to credential leaks, security incidents, or runaway billing. This guide walks through how I set up my environment, managed credentials professionally, and earned my AWS Certified Cloud Practitioner certification to validate my understanding of the cloud.

Step 1: Setup and Safety (Before You Begin)

Think of AWS like a power tool: misused, it can cause damage. Before provisioning anything, take these precautions:

  • Enable MFA on the root account. Never use the root user for daily tasks. Store its credentials in a password manager and only log in for account setup.
  • Create an IAM user with MFA. Use this user to manage access, but avoid attaching long-term access keys directly.
  • Adopt IAM roles. Instead of static credentials, assume roles with temporary credentials for each session.
  • Set billing alerts. Go to the AWS Billing Console and create alerts to notify you if costs exceed your expected usage.
  • Delete unused resources. The fastest way to eliminate unexpected charges is to remove resources once you’re done testing.

These steps prevent attackers from hijacking your account and keep costs predictable while learning.

Step 2: Access and Credentials

You’ll need two ways to access AWS:

  1. The AWS Console – the web interface.
  2. The CLI/SDKs – where automation and code-driven access live.

There are two approaches to configuring access:

The Original Way (if you must)

  • Create an IAM user with programmatic access.
  • Store credentials in configuration files on your local machine.
  • Optionally use tools like aws-vault or awsume to manage role assumptions securely.
  • Always enable MFA and never hardcode credentials into code or repositories.

This method works, but static credentials are a liability.

The Professional Way (recommended)

This is how cloud teams operate in production, and how I structured my environment:

  1. Create an AWS Organization in your root account.
  2. Add at least two Organizational Units (OUs) – one for Production, one for Development/Test.
  3. Inside each OU, create accounts. Use + email suffixes (e.g., you+dev@gmail.com) to reuse your main email.
  4. Set up AWS IAM Identity Center (formerly SSO). This lets you sign in securely without relying on static keys.
  5. Configure the CLI with Identity Center for seamless login across accounts. Tools like aws-sso-util make this easier.
  6. Always enforce MFA on SSO logins.

This setup takes longer, but once complete, you’ll have a professional-grade AWS environment with no need for long-lived credentials.

Step 3: AWS Certified Cloud Practitioner

Before diving deep into infrastructure, I prepared for and passed the AWS Certified Cloud Practitioner exam.

This entry-level certification validated my knowledge of:

  • Core AWS services: S3, EC2, Lambda, DynamoDB.
  • Global infrastructure: regions, availability zones, edge locations.
  • Security best practices: IAM, MFA, shared responsibility model.
  • Billing and pricing models: free tier, pay-as-you-go, cost optimization strategies.

The study process reinforced the importance of secure setup and gave me the vocabulary to navigate AWS documentation confidently.

📎 View my verified badge here: AWS Cloud Practitioner on Credly

Step 4: Guarding Against Costs

Even within the free tier, costs can accumulate unexpectedly. Best practices I followed:

  • Delete unused accounts/resources after testing.
  • Use billing alerts with SNS notifications for thresholds.
  • Regularly review the Billing Dashboard to confirm free-tier compliance.
  • If mistakes happen (e.g., leaving an expensive instance running), contact AWS Support—first-time errors are often forgiven.

Key Takeaways

  • Start with security-first principles: MFA, least privilege, temporary credentials.
  • Use AWS Organizations and IAM Identity Center for scalable, professional credential management.
  • Validate knowledge with the AWS Certified Cloud Practitioner exam.
  • Monitor and control billing to avoid surprises.

With this foundation, you’re ready to move into the hands-on build phases of the Cloud Resume Challenge: deploying static websites, APIs, and serverless functions with confidence.

Helpful Resources

If you’re starting, here are some resources that helped me:

Let’s Connect

If you’re following this challenge, or just passing by, I’d love to connect! I’m always happy to help if you need guidance, want to swap ideas, or just chat about tech.

I’m also open to new opportunities, so if you have any inquiries or collaborations in mind, let me know!

Top comments (0)