IAM (Users, Groups, Policies, Roles) - AWS Free Tier usage - Console vs CLI

AWSomeVikashAWSomeVikash
3 min read

๐Ÿš€ AWS Basics Explained Like You're 5
By: AWSomevikash,

Learning AWS? Letโ€™s break down 3 important topics in the simplest way possible โ€” with human examples and stories you wonโ€™t forget!

๐Ÿ” IAM (Identity and Access Management)

Imagine AWS is a school, and inside that school are different rooms โ€” like the Library (S3), Computer Lab (EC2), and Science Lab (RDS).

Now:

  • Users = Students or Teachers. Everyone gets their own login.

  • Groups = Classrooms. A bunch of users with the same rules (permissions).

  • Policies = Permission Cards. These cards say things like: "You can read the books in the library but not use the lab."

  • Roles = Temporary Superhero Coats. You wear it to do a special job, then take it off.

๐Ÿง‘โ€๐Ÿ’ป Example:

  • Raju is a developer who uses EC2 โ†’ Heโ€™s a user.

  • Seema is a tester who can only view files in S3 โ†’ Another user with a different policy.

  • A Lambda function needs to read from S3 โ†’ It puts on a role to do that.

๐ŸŽ AWS Free Tier = A Welcome Gift Box

When you create a new AWS account, they give you a free gift box. Inside are free usage limits for 12 months.

Each item has a limit:

  • EC2: 750 hours/month (tiny server)

  • S3: 5 GB storage

  • Lambda: 1 million function calls/month

  • RDS: 750 hours of free database time

But just like chocolates in a gift box โ€” if you eat more than whatโ€™s inside, youโ€™ll be charged. So, monitor your usage regularly!

OR

๐ŸŽ“ Real-Life AWS IAM Example:

Letโ€™s imagine three characters using AWS:

๐Ÿ‘‰ Raju is a Developer
He can create and manage servers on EC2.
(Raju is an IAM User with EC2 permissions)

๐Ÿ‘‰ Seema is a Tester
She can only view data in S3, nothing else.
(Seema is an IAM User with read-only S3 permissions)

๐Ÿ‘‰ Lambda Function is like a Robot
It needs to read images from S3 to do its job.
(Lambda uses an IAM Role with S3 read access)

Tip:
Open your Billing Dashboard on AWS and set up alerts so you never get a surprise bill.

๐Ÿ–ฅ๏ธ Console vs CLI

Letโ€™s say AWS has two ways to talk to it:

  1. Console = Like a game menu. You click, scroll, and use your mouse. Great for beginners.

  2. CLI (Command Line Interface) = Like casting magic spells. You type commands, and AWS listens. Great for automation.

Example:
To create a storage bucket using CLI, you just write:

bash

CopyEdit

aws s3 mb s3://my-first-bucket

Quick, powerful, and no clicking around!

๐Ÿง  Summary (in plain words)

  • IAM lets you decide who can do what in AWS.

  • Free Tier is your starter pack, but you have to stay within limits.

  • Console is easy and visual, CLI is powerful and fast.

#90DaysOfDevOps #LinuxAdmin #DevOps

0
Subscribe to my newsletter

Read articles from AWSomeVikash directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Amazon Web ServicesAWSAWSCommunity

Written by

AWSomeVikash
AWSomeVikash

๐Ÿš€ Hi, I'm Vikash Patel โ€” a passionate AWS & DevOps enthusiast, sharing my complete learning journey and real-world implementations. ๐Ÿ“˜ On this blog, Iโ€™m publishing a full DevOps + AWS roadmap โ€” from basics to advanced, covering: ๐ŸŸก AWS Services: EC2, S3, IAM, CloudWatch, Billing, and more ๐Ÿง Linux commands & scripting โš™๏ธ CI/CD pipelines with GitHub Actions & Jenkins ๐Ÿงฑ Infrastructure as Code using Terraform ๐Ÿ“ˆ Monitoring, Alerts & Troubleshooting ๐Ÿ’ก Every post is beginner-friendly โ€” focused on clarity, practical use-cases, and hands-on solutions. ๐ŸŒ Iโ€™m also building my presence in the AWS Community, sharing what I learn, and learning from others. ๐ŸŒฑ Whether you're starting your cloud journey or looking for practical DevOps solutions, this blog is for you.