Registration and IAM

A guide on how to get started with AWS and how to do it yourself the set should include users, groups and policies.

Register your account

To start everything, you first go in and register one account on Amazon Web Services and to access all services, it is required that you have a credit card registered. It doesen't cost anything to register or start anything, the reason for the card registration is that you should be able to add services over time. As administrator you have access to all services and it is from the administrator account you create multiple accounts to start using the cloud. The administrator account should not be used for development without more administrative control over all users.

AWS IAM, what is it?

AWS IAM (Identity and Access Management) is where you handle system users, groups and policies. To be able to create one or more users who can use the same cloud service with your own accounts, you go as an administrator on IAM, under the Services tab and set up accounts for all users. For all users you can set up principles individually or for groups. You can do this for example, do if you have several users from the finance department, which should only have access to invoices and payments - but not databases and virtual machines.

Here you have an overview of all users who are linked to your AWS account. You can easily create more users.
Under groups you can see all your groups you have created. These can, for example, be the "finance department" that we want put the same principles to - suggested access to invoice and payments.
IAM Roles are created to be able to collect more competencies towards specific roles that one subsequently associates with the services themselves. You can give some users these roles or services. As a suggestion, you can give a virtual machine access to one database.