You have just created your first AWS account. Great job! Now you have the power of AWS in your hands!
Deciding your region
The first task before you create anything is selecting your region. Each region is completely isolated from the other. You may select your region based on your location that is closest to you or that you would be legally required to. (For example for GDPR it is best to select an EU region if you’re customers are based in Europe). Each region also has different services available. Amazon SES (Simple Email Service) that is used by Cognito for example currently supports Email receiving only in the following regions:
- US East (N. Virginia) us-east-1
- US West (Oregon) us-west-2
- Europe (Ireland) eu-west-1
We can select the region in the upper right corner in the AWS Management Console. Let’s not forget that what we created in one region is by default not accessible in another.
Creating a VPC
Now that you have selected your region you can create your first VPC. All accounts come with a default VPC but those vary by region to region on how they are configured (eg. how many subnets they have). I suggest creating a VPC according to your needs. For example, if you would like to use RDS you will need two subnets (preferably private subnets).
The easiest way to create a VPC is through the VPC Wizard from the VPC Dashboard.
Securing your account
You are responsible for security in the cloud! That is why it’s your responsibility to secure your account. When you create an account you have basic security with all access (root account). First, it is a good idea to enable Multi-Factor Authentication or MFA on this account. You can set this under My Account.
Next, create an IAM user in the IAM Management Console. Set only the necessary permissions for each user. If you create a user for yourself don’t forget that Administrator role users don’t have access to billing. If you would like to see your billing information from your IAM user account you should add Billing permissions as well.
After creating your IAM user you should only use your root account when you are managing your IAM users, groups, and permissions.
That’s it! Your account is now secure and ready to used! 👍