Cloud Builder

Cloud Builder. Bootstrapping an AWS Account.

Learning. AWS Account Root User Identity and Access Management (IAM) service IAM User IAM User Group Policies Multi-Factor Authentication (MFA) AWS Management Console.

Amazon Web Services (AWS) Account. An Amazon Web Services (AWS) Account is the basic container for all the AWS resources you can create as an AWS customer. An AWS Account is also the basic security boundary for your AWS resources..

AWS Account Identifiers. AWS Account Name: A user-generated name for an AWS Account. AWS Account ID: A 12-digit number, such as 123456789012, that uniquely identifies an AWS Account. AWS Account Alias: A unique friendly identifier used in place of an AWS Account ID on the sign-in page (and sign-in URL)..

Root User. When you first create an AWS Account, you begin with one identity that has complete access to all AWS services and resources in the AWS Account. This identity is called the AWS Account Root User. You can sign in as the Root User using the email address and password that you used to create the AWS Account..

Identity and Access Management (IAM), IAM User, and IAM User Group.

Policies. You manage access in AWS by using (or creating) Policies and attaching them to IAM identities, e.g. IAM Users or IAM User Groups. A Policy is an object in AWS that, when associated with an identity, defines their permissions. AWS evaluates these Policies when an IAM identity makes a request..

Multi-Factor Authentication (MFA). AWS Multi-Factor Authentication (MFA) is a simple best practice that adds an extra layer of protection. With MFA enabled, when a Root or IAM User signs in to the AWS Management Console, they will be prompted for their credentials as well an authentication code from their MFA device (the second factor)..

AWS Management Console. The AWS Management Console is a web application that provides a broad collection of Service consoles for managing AWS resources..

AWS A ccount. Administrators. Administrator. Root User.

Search Web for AWS Management Console Press the Create an AWS Account button.

Provide Root User email address; unique among all AWS Accounts Provide AWS Account Name; does not need to be unique Press the Verify email address button.

Provide contact information Continue the sign up process.

Provide billing information Continue the sign up process.

Confirm your identity Continue the sign up process.

Select a support plan Continue the sign up process.

You have created an AWS Account. Press the Go to the AWS Management Console button..

Sign into the AWS Account using the Root User email address and password..

You are now logged into the AWS Management Console as the Root User for the AWS Account. Notice that the AWS Account Name is listed in the upper-right corner of the screen..

Search for the IAM Service and select it.. aws Q iam Services Services (S) Features (15) Blogs (1,289) Documentation (98,748) Knowledge Articles (30) x Search results for 'iam' Services IAM Manage access to AWS resources Resource Access Manaaer.

Add MFA to the Root User.. IAM dashboard Security recommendations A Add MFA for root user Sign in as the root user (or CÄ)ntact your administratcy) and register a multi•factor authentication (MEA) device for the rcx»t user to Improve for this account. Add MFA.

Select the User groups menu Press the Create group button.

Name the IAM User Group, Administrators Search for and select the AdministratorAccess Policy Create the IAM User Group.

aws Services Q Search for s Identity and Access Management (IAM) Q Search IAM Dashboard Access management User groups Users Roles x.

Name the IAM User, Administrator Select checkboxes and continue process.

Add the IAM User to the Administrators IAM User Group Continue the process to create the IAM User Press the Download .csv button and keep the file for later.

Click the IAM link Click the Create link to create AWS Account Alias, unique among all AWS Accounts.

Select the link with the Account Name Click the Sign out button.

Sign in using the AWS Account Alias, Administrator IAM User name and password; the password is in the downloaded .csv file from earlier..

You are now logged into the AWS Management Console as an IAM User (named Administrator ) in the AWS Account. Notice that the IAM User name and AWS Account Alias is listed in the upper-right corner of the screen..

Do It Yourself (DIY). You already have enabled MFA on the Root User; now it is up to you to enable it on the Administrator IAM User..

Congratulations! You have completed this Cloud Builder level..