Registration and IAM

Register your account

To start everything, you first go in and register one account on Amazon Web Services and to access all services, it is required that you have a credit card registered. It doesen't cost anything to register or start anything, the reason for the card registration is that you should be able to add services over time. As administrator you have access to all services and it is from the administrator account you create multiple accounts to start using the cloud. The administrator account should not be used for development without more administrative control over all users.

AWS IAM, what is it?

AWS IAM (Identity and Access Management) is where you handle system users, groups and policies. To be able to create one or more users who can use the same cloud service with your own accounts, you go as an administrator on IAM, under the Services tab and set up accounts for all users. For all users you can set up principles individually or for groups. You can do this for example, do if you have several users from the finance department, which should only have access to invoices and payments - but not databases and virtual machines.

Users

Here you have an overview of all users who are linked to your AWS account. You can easily create more users.

Groups

Under groups you can see all your groups you have created. These can, for example, be the "finance department" that we want put the same principles to - suggested access to invoice and payments.

Role

IAM Roles are created to be able to collect more competencies towards specific roles that one subsequently associates with the services themselves. You can give some users these roles or services. As a suggestion, you can give a virtual machine access to one database.