Getting Started with AWS: A Beginner's Guide to Account Creation, IAM, and Billing

When stepping into the world of AWS cloud computing, the foundation of your journey begins with three critical pillars: proper account setup, secure identity management, and vigilant cost control. Like building a house, you need a solid foundation before adding the rooms. Whether you're a startup founder looking to launch your first cloud application, a developer starting your cloud journey, or an organization planning to migrate to AWS, understanding these fundamentals isn't just helpful—it's essential. Without proper IAM configuration, you risk security breaches; without billing awareness, you might face unexpected costs; and without proper account setup, you limit your growth potential. Let's explore these crucial first steps that will set you up for success in your AWS cloud journey.

Before we dive in, here’s a quick note: this blog documents what I’ve learned while preparing for the AWS Cloud Practitioner Certification exam. It’s also the first in a series of posts. Constructive feedback is always welcome! This guide provides an in-depth walkthrough on creating an AWS account, so whether you're a beginner or revisiting the process, you're in the right place. Here’s what I will cover:

What You'll Learn Today

• Creating your first AWS account

• Understanding IAM (Identity and Access Management) users

• Managing billing and avoiding unexpected charges

• Essential AWS services for beginners

The AWS Learning Path: What You Need to Know

Before we get into today's topics, here's a quick overview of what you'll need to learn on your AWS journey (Essential AWS Topics for Certification):

• Compute Services (EC2, Lambda)

• Storage Services (S3, EBS)

• Database Services (RDS, DynamoDB)

• Networking (VPC, Route 53)

• Security and Identity (IAM, Security Groups)

• Monitoring and Management (CloudWatch, CloudTrail)

• High Availability and Scaling (Auto Scaling, Load Balancing)

• Application Integration (SNS, SQS)

There's so much more to explore! But don't worry—we're starting with the basics today, and I'll cover the rest of AWS services along the way.

AWS Account Creation

When to Use

You need an AWS account to access any AWS service. It's your gateway to the AWS ecosystem and the first step in your cloud journey.

Key Features

• Free tier access for 12 months

• Access to all AWS services

• Global infrastructure availability

• Pay-as-you-go pricing model

• Root user access

Step-by-Step Guide

Step 1: Search AWS on Google or visit aws.amazon.com directly from the link.

Step 2: Click on "Complete sign-up"

After you’ve clicked on the button you’ll see something like this:

As shown in the picture above, there are two options: the first is Root User, and the second is IAM User.

The Root User is the account owner’s primary identity, created when you first set up your AWS account. It has full access to all AWS services and resources, including billing and account settings.

I will discuss IAM User in detail in the IAM User section of this blog. For now, let’s focus on creating the account. Click on 'Create a new AWS account' at the bottom. After that, you’ll face this page:

Provide the necessary information, and keep this in mind: You’ll need a credit card or a debit card with a dollar endorsement (at least $1) to create an account. This is required to verify that the card is active and functional (essential even for the free tier). Then verify your identity via phone and choose your support plan (start with Basic/Free).

After creating and logging into your AWS account, your interface will look like this:

You are now in the AWS Management Console. From here, you’ll be able to access all the AWS services.

Identity and Access Management (IAM)

When to Use

IAM is crucial when you need to:

• Give others access to your AWS account

• Set up separate users for different team members

• Implement the principle of least privilege

• Secure your root account

Key Features

• Create and manage AWS users and groups

• Set up Multi-Factor Authentication (MFA)

• Create and manage access policies

• Generate access keys for programmatic access

• Free to use

Here’s how you’ll create an IAM User:

When logging into your root user account, you’ll always use the email address you used during account setup. However, to log in as an IAM User, you’ll need to enter the account ID or account alias instead.

Search for 'IAM' in the search bar -

- and navigate to that section. You’ll see something like this:

This is the IAM Dasboard as you can see. This is your go-to section for managing access and security in AWS. Here, you can create and manage users, groups, and roles, giving you full control over who can access your AWS resources and what actions they can perform. It’s also where you can define permissions policies, set up password policies, and enable multi-factor authentication (MFA) to enhance security. The dashboard even helps you monitor your account’s security status with tools like the IAM Access Analyzer and Security Status section, making it easier to spot and address vulnerabilities. This is the heart of secure access management in AWS!

Go to Users then Add users:

Here, you can enter the desired name for your user ID.

Then you should tick these boxes:

What these will do is The first one, Access Key, is going to allow you to use the API that programmatically works with AWS, and the Password is going to help you log into the AWS console. You can give an auto-generated password or a custom password, whatever you want. Make sure you tick the last box, which will then want the user to create a new password for them to use later on. Go to the next page by clicking Next Permission.

Then you’ll come to this page. Click Create group

Here, you assign a name to the group, such as 'Admin' if the group's users will manage the admin panel. Additionally, you can assign policies that define the level of access the users will have based on your needs.

Once you click on "Create Group," your group will be successfully created.

After clicking next, next, next you’ll be in this page:

Here, you’ll have your User, Access Key ID, Secret access key and Password. These are all necessary information.

It's important to use your IAM User account for regular activities and avoid logging in with your root user account. Make sure to save your Account ID or account alias along with the other details securely. Once done, log out of your root account and try logging in with your IAM User account to ensure everything works correctly.

Enter your account ID or alias here. On the next page, provide your IAM User ID and password, after which you’ll be prompted to create a new password. Once you’ve completed these steps, you can log in to your AWS account and access the AWS Management Console. However, this time, you’ll be logged in as an IAM User rather than the root user.

Best Practices for IAM User

1. Create individual IAM users instead of sharing credentials

2. Use groups to assign permissions

3. Enable MFA for all users

4. Never use root account for daily tasks

5. Follow the principle of least privilege

6. Regularly rotate IAM user credentials.

7. Use strong and unique passwords for each user.

8. Monitor and review IAM user activities through AWS CloudTrail.

9. Disable unused credentials to reduce security risks.

10. Restrict access to sensitive resources by using service-specific policies.

11. Tag IAM users with metadata to improve organization and auditing.

12. Use IAM Access Analyzer to identify and eliminate overly permissive access.

Billing Awareness and Management

I'll share a few basic tips here, but I won't go into the details just yet—that'll be covered in another blog. I just want to make you aware of one crucial aspect of using AWS: the billing section. So that you don’t end-up pulling your hair lol!(●'◡'●)

When to Use

Keeping track of your billing from day one is a smart move to avoid unexpected surprises. AWS services are incredibly powerful, but it’s easy to accidentally go overboard without realizing it. So, take it slow, stay mindful of your usage, and regularly check your billing dashboard to ensure everything stays within your limits. A little attention now can save you from big surprises later!

Here's what you should do to avoid Over-Billing:

1. Set up billing alerts immediately

2. Check the AWS Free Tier limits carefully

3. Always terminate unused resources

4. Monitor your usage regularly

5. Use AWS Cost Explorer to track spending

Billing Best Practices

• Enable MFA on root account

• Set up billing alerts with AWS Budgets

• Review your bill monthly

• Use cost allocation tags

• Understand free tier limitations

• Check all regions for running resources

Next Steps

After setting up your account, securing it with IAM, and understanding billing, you'll be ready to explore basic AWS services like:

• Amazon S3 for storage

• EC2 for virtual servers

• RDS for databases

Remember, AWS is vast, but you don't need to learn everything at once. Focus on mastering one service at a time, and always keep an eye on your billing dashboard!

Conclusion

Getting started with AWS might seem overwhelming, but by focusing on these foundational steps—account creation, IAM setup, and billing awareness—you're setting yourself up for success. Take your time to understand each concept thoroughly before moving on to more advanced services.

I’m currently learning this myself, so please excuse any mistakes along the way. I’m following FreeCodeCamp's "AWS Certified Cloud Practitioner Certification Course (CLF-C02) - Pass the Exam!" video by Andrew Brown to prepare for my certification exam. You may notice some screenshots taken from this course. I just wanted to highlight this amazing resource by one of my favorite content creators!

Have questions? Feel free to reach out in the comments below! Happy cloud computing! ☁️