GETTING STARTED ON AWS

Getting started on AWS can be overwhelming at first, but with the proper guidance, you can quickly learn the ropes and start building your own applications and services in the cloud. In this article, we’ll go over the basic steps you must take to get started on AWS. I will be going over the steps to create an AWS free tier account, enable MFA on the root user, modify account level settings to enable IAM users to view the billing dashboard, Set up budgets, create an admin user group with full access to all AWS services, create an admin user, and finally log in with this admin user.

Step One: Create AWS Account and Enable MFA on the Root User

The steps below show how to create an AWS account and enable MFA on the root user:

• Go to the AWS sign-up page at https://aws.amazon.com and click on the “Create a Free Account” button.
• Enter your email address and choose a password to create your AWS account. Follow the on-screen instructions to complete the sign-up process.
• Once you have created your account, sign in to the AWS Management Console using your email address and password.
• In the AWS Management Console, click on your account name or number in the top right corner and select “My Security Credentials” from the drop-down menu.
• In the “Security Credentials” page, scroll down to the “Multi-factor authentication (MFA)” section and click on the “Manage MFA” button.
• Click on the “Activate MFA” button to begin the MFA setup process.
• Choose the type of MFA device you want to use. You can use a virtual MFA device, which is an app that runs on your smartphone, or a hardware MFA device, which is a physical device that generates MFA codes.
• Follow the on-screen instructions to set up your MFA device. If you are using a virtual MFA device, you will need to download an app such as Google Authenticator or Authy and scan the QR code displayed on the screen to add the AWS account to your app. If you are using a hardware MFA device, you will need to follow the device-specific instructions to set it up.
• Once you have set up your MFA device, return to the “Security Credentials” page in the AWS Management Console and click on the “Activate MFA” button again.
• Enter the MFA code generated by your device and click on the “Activate MFA” button to enable MFA on your root user.
• You will now need to use your MFA device every time you sign in to your AWS account as the root user. When you sign in, you will be prompted to enter your email address and password as well as a one-time MFA code generated by your device.

You have successfully created an AWS account and enabled MFA on the root user. Enabling MFA is an important security measure that helps protect your AWS account from unauthorized access.

Note: The best practice is to set up IAM users and stop using the root account for everyday tasks.

Step Two: Create an Admin User Group and Add Admin User

Here are the steps to create an admin user group with full access to all AWS services and create an admin user:

• Sign in to the AWS Management Console as the root user of your account.
• Open the IAM console by selecting “IAM” from the dropdown menu in the top right corner.
• In the IAM console, select “Groups” from the left-hand menu.
• Click the “Create New Group” button to create a new group.
• Enter a name for the group, such as “Admins”, and click the “Next Step” button.
• On the “Attach Policy” page, select the “AdministratorAccess” policy from the list of policies. This policy grants full access to all AWS services. You can also search for the policy using the search box at the top of the page.
• Click the “Next Step” button to review the group details.
• Review the group details, and then click the “Create Group” button to create the new group.
• Once the group has been created, you can add users to the group. To do this, select the “Groups” option in the left-hand menu of the IAM console, and then select the group you just created.
• Click the “Add Users to Group” button to add a user to the group.
• Select the user or users you want to add to the group from the list of available users and click the “Add Users” button.
• The users you added will now have full access to all AWS services.

To create an admin user:

• In the IAM console, select “Users” from the left-hand menu.
• Click the “Add User” button to create a new user.
• Enter a name for the user, such as “Admin”, and select the “Programmatic access” and “AWS Management Console access” checkboxes.
• Choose a password for the user or select the “Require password reset” checkbox to force the user to create a new password upon first login.
• On the “Permissions” page, select the “Add user to group” option and select the group you created in the previous steps.

Step Three: Enable the IAM user to View Billing Dashboard

By default, IAM users would be unable to view the billing dashboard. As pointed out earlier, the best practice is to use IAM users for everyday tasks, so it is important for some IAM users (depending on their role) to have the privilege of viewing the billing dashboard.

To enable IAM users to view the billing dashboard in AWS, you need to modify the account level setting for billing access. Here are the steps to do that:

• Sign in to the AWS Management Console as the root user of your account.
• Open the AWS Billing and Cost Management console by selecting “Billing and Cost Management” from the dropdown menu in the top right corner.
• In the Billing and Cost Management console, select “Preferences” from the left-hand menu.
• Scroll down to the “IAM User Access to Billing Information” section and click the “Edit” button.
• On the “Modify IAM User Access” page, select the checkbox next to “Activate IAM Access” to enable IAM users to access billing information.
• Under “Billing Information,” select the checkboxes for the specific billing information that you want to allow IAM users to access. You can select options such as “View bills and statements” and “View usage and cost data.”
• Under “Permissions,” select the IAM users or groups to whom you want to grant access to the selected billing information.
• Click the “Update” button to save your changes.

Once you have completed these steps, the IAM users that you selected will be able to view the billing dashboard in the AWS Management Console. Note that IAM users will only be able to view the billing information that you have granted them access to, and they will not be able to modify any billing settings or account information.

Step 4: Set up Budget

Setting up a budget is crucial for managing your AWS costs effectively, optimizing your spending, and ensuring that you are making the most of your resources. A few benefits of setting up a budget include the following:

• A budget helps you monitor your spending and ensure that you don’t exceed your financial limits. By setting a budget, you can keep track of your expenses and identify areas where you can reduce them.
• A budget can help you forecast your future expenses based on your historical data. This can help you plan your financial resources more effectively and make informed decisions.
• A budget can act as an early warning system by alerting you when you are approaching or exceeding your spending limits. This can help you take corrective action before it’s too late.

To set up a budget on AWS, follow these steps:

1. Sign in to the AWS Management Console using your IAM user login details.
2. Navigate to the Billing and Cost Management dashboard.
3. Click on the “Budgets” tab.
4. Click on the “Create a budget” button.
5. Choose the type of budget you want to create (cost, usage, or reservation).
6. Configure the budget details, such as the budget name, start and end dates, and threshold amounts.
7. Select the accounts and services you want to include in the budget.
8. Choose how you want to receive alerts when the budget thresholds are reached (email, SMS, or SNS notification).
9. Review and confirm your budget settings.
10. Click on the “Create” button to create your budget.

Once your budget is created, you can monitor it from the Budgets dashboard and receive alerts when the threshold amounts are reached. You can also modify or delete your budget at any time.

Conclusion

We have successfully gone over the steps to create an AWS free tier account, enable MFA on the root user, modify account level settings to enable IAM users to view the billing dashboard, Set up budgets, create an admin user group with full access to all AWS services, create an admin user, and finally log in with this admin user. Next, we would be launching an ec2 instance to deploy a LAMP Stack on AWS.