What's in this article ?
- What happens when we create an AWS account ?
- What is an AWS account ?
- Few best practices on how to create and maintain AWS accounts.
What happens when we create an AWS account ?
We create a new AWS account using a unique mail id and password for the very first time. During the process AWS requires us to provide payment details and proof of address; post that we are logged into to AWS console. Now we are logged in as AWS Account Root User (similar to the root user of any UNIX-like OS for example: Ubuntu)
What is an AWS account ?
It is a container or a wrapper where the user logged in can consume the available AWS resources for provisioning their infrastructure as per their needs.
Example: S3 (Simple Storage Service) can be used for storing images, large video files or gzipped backup files of production database.
Few best practices on how to create and maintain AWS accounts.
First and foremost, it is highly recommended to enable 2FA (two factor authentication) for securing your root account. This step is mandatory to avoid misuse of your AWS Root account if any third is aware of your account username(usually the mail id provided) and a password.
Maintain separate accounts based on your application's release cycle: Development account, Staging account and Production account.
If you are creating an IAM User make sure you provide only the necessary permissions to the User in the Policies. (aka follow Principle of Least Privilege)
I am open to constructive criticism, so please feel free to leave a comment if I had made any conceptual error or the blog need better explanation.