Yash

How to set up a new AWS project in under 12 minutes (without manual clicking)

Every DevOps engineer knows this pain: a new project kicks off and you're buried in AWS console tabs, IAM policies, and Terraform boilerplate.

The manual process (what it costs)

Running through the 10 standard setup steps — account, IAM, VPC, Terraform state, modules, CloudWatch, OIDC, Secrets Manager, test deploy — takes 400+ minutes. Every single time.

The real issue: it's identical every time, yet always done manually.

Key insight: IAM role assumption > credential storage

trust_policy.json (CI assumes a role, never stores a key):
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Principal": {
      "Federated": "arn:aws:iam::ACCOUNT_ID:oidc-provider/token.actions.githubusercontent.com"
    },
    "Action": "sts:AssumeRoleWithWebIdentity",
    "Condition": {
      "StringEquals": {
        "token.actions.githubusercontent.com:sub":
          "repo:YOUR_ORG/YOUR_REPO:ref:refs/heads/main"
      }
    }
  }]
}

No stored credentials. Permissions scoped per repo (here also pinned to the main branch by the sub condition). Auto-expiring tokens.

Patterns that save the most time

  • Parallel provisioning: VPC and IAM have no dependency — provision simultaneously
  • Reusable trust policies: Template OIDC relationships once, stamp per project
  • State backend first: Remote state + locking before anything else
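
One way to do the "template once, stamp per project" step for the trust policy above, as an added example that is not from the original post. The function names are hypothetical, and the `aud` pin to `sts.amazonaws.com` is an addition the page's policy does not include; the linter flags stamped or hand-edited policies whose `sub` condition is missing or too broad.

```python
import json
import re

OIDC_HOST = "token.actions.githubusercontent.com"
SUB_KEY, AUD_KEY = f"{OIDC_HOST}:sub", f"{OIDC_HOST}:aud"

def render_trust_policy(account_id, org, repo, ref="refs/heads/main"):
    """Stamp the trust policy for exactly one repo and ref; wildcards are rejected."""
    if not re.fullmatch(r"\d{12}", account_id):
        raise ValueError("account_id must be 12 digits")
    for value in (org, repo):
        if not re.fullmatch(r"[A-Za-z0-9._-]+", value):
            raise ValueError(f"unsafe org/repo name: {value!r}")
    if not re.fullmatch(r"refs/(heads|tags)/[A-Za-z0-9._/-]+", ref):
        raise ValueError(f"unsafe ref: {ref!r}")
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"Federated": f"arn:aws:iam::{account_id}:oidc-provider/{OIDC_HOST}"},
            "Action": "sts:AssumeRoleWithWebIdentity",
            "Condition": {"StringEquals": {
                AUD_KEY: "sts.amazonaws.com",  # added audience pin, not in the page's policy
                SUB_KEY: f"repo:{org}/{repo}:ref:{ref}",
            }},
        }],
    }

def lint_trust_policy(policy):
    """Return findings for statements that trust the GitHub OIDC provider too broadly."""
    findings = []
    statements = policy.get("Statement", [])
    for i, st in enumerate([statements] if isinstance(statements, dict) else statements):
        if st.get("Effect") != "Allow" or OIDC_HOST not in json.dumps(st.get("Principal", {})):
            continue  # only Allow statements that federate to GitHub OIDC are checked
        cond = st.get("Condition", {})
        exact = cond.get("StringEquals", {}).get(SUB_KEY, [])
        like = cond.get("StringLike", {}).get(SUB_KEY, [])
        like = [like] if isinstance(like, str) else like
        if not exact and not like:
            findings.append(f"statement {i}: no sub condition, any GitHub repository can assume this role")
        for sub in like:  # wildcards are only interpreted under StringLike
            parts = sub.split(":")
            owner_repo = parts[1] if len(parts) > 1 else sub
            if "*" in owner_repo or "?" in owner_repo:
                findings.append(f"statement {i}: wildcard in repository part of sub: {sub}")
            elif "*" in sub:
                findings.append(f"statement {i}: sub matches every ref and event: {sub}")
    return findings
```

Write the result with `json.dumps(policy, indent=2)` and run the linter in CI over every stamped policy before it is applied.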

Try it yourself

If you're managing 3+ projects or 2+ AWS accounts, manual overhead compounds fast.

👉 step2dev.com — 300+ engineers on the waitlist

What part of your AWS bootstrap do you wish was automated?
