How to Create an Amazon Web Services Account
Amazon Web Services get information from the user’s Amazon account and allows user to access all Amazon Web Services. Amazon account offers free 12 months trial for users to learn and use different functional AWS components. Users can access AWS services for free such as S3, EC2, DynamoDB, etc. There are some limitations to using AWS resources.
Steps to create an Amazon Web Services Account
Step 1: First, open https://aws.amazon.com to create an account, then click the sign-up link for a new AWS account and enter all information.
If the user has an AWS account already, then sign-in with your existing credentials of AWS.
Step 2: After entering the email address, complete the Contact Information form. Amazon website use contact information to identify, invoice, and bill. Select Professional or Personal accounts, both have equal functions and characteristics.
Step 3: After entering your information, carefully read the Customer Agreement and click the accept button.
Step 4: After AWS account creation, users can sign-up by using email and password. After account activation, the user can use any AWS services.
Step 5: In the Payment Information page, the user can enter the details about payment mode and click the submit button. Before clicking the submit button, the user can change the address, if they want.
Step 6: Verifying user phone number
Step 7: Amazon account is verified by a text message or a voice call to the user phone number.
Step 8: Users can enter their phone number by selecting the country.
Step 9: Select the contact me button, the user will get an automatic voice or SMS to verify the account.
Step 10: By entering the received pin (by call or SMS), the user can continue to the next step.
Step 11: Users can select any Amazon Web Service support plan from the support plane page. Users can get descriptions and benefits of AWS from AWS support plans.
Step 12: After choosing a support plan, the user goes to a confirmation page. In the confirmation page, the user gets account activation notifications. The account can be activated in a few minutes. Select login link and it again goes to AWS management console.
Amazon Web Service Account Identifiers
AWS has two different IDs to all AWS account: AWS account ID and a canonical user ID.
AWS account ID
The AWS account ID is used to create Amazon Resource Names (ARNs) and a 12-digit number, for example, 123456789012. The AWS account ID helps the user to distinguish resources from other AWS resources in an account, like if the user searches for a Glacier vault or IAM user resources.
A canonical user ID
The canonical user ID is a long alphabetic numeric or long string, like 123asdcdfg3455tyh678. User ID is used in an Amazon S3 bucket resource policy for cross-account access, which means resources can be used from other AWS account. Like, user can get access with another AWS account into their bucket, by specifying the canonical user ID in the S3 bucket policy. To get detailed information about the bucket policy, users can view Bucket Policy Examples.
AWS Account Alias
Users can create an alias account for their AWS account. If a user wants to sing-in the AWS console page with their organization name or another name, the user can create AWS alias account instead of the user’s original AWS account name.
Default sign-in URL
https:// user_account_id.siginin.aws.amazon.com/console/
If a user creates an alias account, then user’s sign-in URL as
https:// alias_account.siginin.aws.amazon.com/console/
The default AWS account ID URL always active and it is used after creating the AWS account alias.
For creating or deleting account alias, users can utilize the AWS Management Console, the command line interface, or IMP API.
Steps for creating and deleting AWS account alias as follows
- By using https://console.aws.amazon.com/iam/, users can sign-in into the AWS Management Console.
- Select Dashboard in the navigation panel.
- Select the Customize button from the IAM user login link.
- Users can enter alias name, then select Yes, Create to create an alias account name.
- To delete the alias account, the user should select the customize button and click Yes, Delete.
Multi-Factor Authentication
Multi-Factor Authentication offers extra security for authenticating users to type a unique credential code from an authorized authentication SMS text message or device when user access accounts or AWS services. Users can access services, if MFA is true otherwise they cannot use the services.
MFA provides the greatest security for AWS account resources and settings. Users can enable Multi-factor for their AWS account and IAM users. To access control of AWS service APIs, MFA is used. AWS cannot charge any fees for MFA usage, after getting a virtual MFA device or supported hardware. By using MFA, user can save cross-account.
Steps to enable MFA Device
- Open https://console.aws.amazon.com/iam/ link.
- To select the user from the list of the user account name, select the navigation pane from the web page.
- View security credentials at the bottom and select MFA. select activate MFA.
- Users should follow all the instructions and activate the MFA device.
To enable MFA, the following ways are used
- SMS MFA Device
- Hardware MFA Device
- Virtual MFA Device
SMS MFA Device
MFA is activated when user signs in and they should enter their credentials. AWS console sent a confidential 6 digit code number by text message to the user phone number. The text message code number is valid only for 3 minutes. Users must enter authentication code on the website during login to authenticate the correct user.
If the user registered phone number is not in use, then the user should contact customer service. The administrator can change the user’s contact number with the necessary permission of the AWS account by API or the AWS CLI.
Hardware MFA Device
Hardware MFA device protects user root account is a good way to save user AWS service and resources against hackers. This method provides an additional layer of protection to existing AWS root credentials and makes impossible for not authenticate a user to enter without MFA 6 digit code number.
Virtual MFA Device
The virtual MFA device is a mobile software application that runs on a phone that follows a physical device. This device creates a 6 digit number code by one time-synchronized password. Users must enter this passcode on the second page of the website to authenticate the correct user.
AWS Identity and Access Management (AWS IAM)
Within the user AWS account, the user can create multiple users and control their permission.
Steps to create users in AWS IAM
- Open https://console.aws.amazon.com/iam/ and login to the Console Management.
- On the left of the navigation pane, choose the User option to view and open all the users.
- Choose to Create New Users button to create a new user and a new user window will be opened. Users can type a new user name and a new user will be created by selecting the create option.
- By choosing the Show Users Security Credentials link, the user can view the Access key Ids and the secret keys. By Download the Credentials button, users can download and save the information.
- Users can control the user’s security authentications like creating a password, controlling security certificates, MFA device, create or delete access key, etc.
Related Blogs
- What is AWS Certification
- What is AWS?
- What is AWS Lambd?
- AWS Vs Openstack
- AWS Management Console
- What’s the Value of an AWS Certification?
- AWS EC2 Instances