Getting started with AWS

I'm getting started with AWS. How do I create and activate a new AWS account?

Sign up using your email address :

1.    Open the Amazon Web Services (AWS) home page.

2.    Choose Create an AWS Account.

Note: If you signed in to AWS recently, choose Sign in to the Console. If Create a new AWS account isn't visible, first choose Sign in to a different account, and then choose Create a new AWS account.

3.    In the Root user email address, enter your email address, edit the AWS account name, and then choose Verify email address. An AWS verification email will be sent to this address with a verification code.

AWS FREE TIER ACCOUNT

Tip for Root user Email Address, The email address can be used to reset account credentials. Be sure that you protect access to these distribution lists. Don't use the AWS account root user login for your everyday tasks. It's a best practice to enable multi-factor authentication (MFA) on the root account to secure your AWS resources.

Verify your email address

Enter the code you receive, and then choose Verify. The code might take a few minutes to arrive. Check your email and spam folder for the verification code email.

Create your password

Enter your Root user password and Confirm root user password, and then choose Continue.

Add your contact information

1.    Select Personal or Business.

Note: Personal accounts and business accounts have the same features and functions.

2.    Enter your personal or business information.

Important: For business AWS accounts, it's a best practice to enter the company phone number rather than a personal cell phone number. Configuring a root account with an individual email address or a personal phone number can make your account insecure.

3.    Read and accept the AWS Customer Agreement.

4.    Choose Continue.

You receive an email to confirm that your account is created. You can sign in to your new account using the email address and password that you registered with. However, you can't use AWS services until you finish activating your account.

Add a payment method

On the Billing information page, enter the information about your payment method, and then choose Verify and Add.

If you are signing up in India for an Amazon Internet Services Private Limited (AISPL) account, then you must provide your CVV as part of the verification process. You might also have to enter a one-time password, depending on your bank. AISPL charges your payment method two Indian Rupees (INR), as part of the verification process. AISPL refunds the two INR after the verification is complete.

If you want to use a different billing address for your AWS billing information, choose Use a new address. Then, choose Verify and Continue.

Important: You can't proceed with the sign-up process until you add a valid payment method.

Verify your phone number

1.    On the Confirm your identity page, select a contact method to receive a verification code.

2.    Select your phone number country or region code from the list.

3.    Enter a mobile phone number where you can be reached in the next few minutes.

4.    If presented with a CAPTCHA, enter the displayed code, and then submit.

5.    In a few moments, an automated system contacts you.

6.    Enter the PIN you receive, and then choose Continue.

Choose an AWS Support plan

On the Select, a support plan page, choose one of the available Support plans. For a description of the available Support plans and their benefits, see Compare AWS Support plans.

Choose Complete sign up.

Wait for account activation

After you choose a Support plan, a confirmation page indicates that your account is being activated. Accounts are usually activated within a few minutes, but the process might take up to 24 hours.

You can sign in to your AWS account during this time. The AWS home page might display a Complete Sign Up button during this time, even if you've completed all the steps in the sign-up process.

When your account is fully activated, you receive a confirmation email. Check your email and spam folder for the confirmation email. After you receive this email, you have full access to all AWS services.

Securing an AWS Account:

There are various ways to secure an AWS account:

Multi factor Authentication:

Ø An Authentication Method to validate the User’s Identity.

Ø The user need to Provide two or more pieces of Evidence of their identity to gain Access.

Identity & Access Management Services:

 AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources. You use IAM to control who is authenticated (signed in) and authorized (has permissions) to use resources.

When you first create an AWS account, you begin with a single sign-in identity that has complete access to all AWS services and resources in the account. This identity is called the AWS account root user and is accessed by signing in with the email address and password that you used to create the account. We strongly recommend that you do not use the root user for your everyday tasks, even the administrative ones. Instead, adhere to the best practice of using the root user only to create your first IAM user. Then securely lock away the root user credentials and use them to perform only a few account and service management tasks.

Steps:

a)  Add , Multi Factor Authentication for Root user.

Ø To activate,MFA, User need Authentication App, So, best is to use Google Authentication App on mobile or PC( because it is Free).

Ø Use QR code, Scan it using phone Scanner.

Ø Type MFA code 1, then wait to Expire then Add , MFA code 2.

b)  Change Password Policy using, Account Setting Menu.

 Setup Budget for AWS Account & Alerts:

Steps:

Ø In AWS Management Console

Ø Select , Billing Dashboard.

Ø Select Budget, Create a Budget.

Ø Leave Everything (by default).

Ø Name your Budget and Enter your Budget.

 Different Method to Interact with AWS:

AWS is a cloud computing platform from Amazon. It’s always beneficial to know how many ways you can connect and run commands to create and manage AWS services.

There are Three ways we can manage and connect the AWS services:

1)  AWS Console: This is the easiest way to manage resources on AWS. You can log in with the user you created . Two Types of Users are there:

Ø Root user – User who has access to all AWS Resouces.

Ø IAM User – These users have Limited Access , provided by the root user.

 Steps to Create Account Alias:

If your users have trouble remembering their 12-digit code, you can create an account alias in the AWS Management Console. This alias can be any 63-character combination of digits, lower-case letters and dashes. Think up a memorable AWS alias for your team to remember, and you’ll no longer waste time reminding users of their account ID.

To create an AWS account alias, follow these steps:

1.  Login with either the AWS root account or as an administrative user

2.   Navigate to the Identity and Access Management (IAM) dashboard

3.   Find the account ID on the right-hand side and click Create or Change under the AWS account alias

4.   Provide a unique name for the account alias

5.   Save your changes and distribute the new alias to your users

2) AWS CLI

The AWS Command Line Interface (CLI) is a unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts.

We need to install AWS CLI on your laptop you can download it from Google and install it. Once installed check it whether it’s working or not.

• To Check , Type : terminal
• aws—version
• We need to configure our AWS CLI for the user we created , for that, you should have access to the keys that you downloaded while creating the user and use the below command.

{To create access key , from AWS Account dropdown menu, select security credential,then access key, then Create.}

ü //Access Key                              

 $ aws configure                        

   aws access key ID:

   aws secret Access key:

  default region name: ap-south-1

  default output format:json

Once you are done with the configuration, you can use any service you have access to. Let’s create an S3 bucket and list all the buckets again with the following commands.

//for s3 bucket

$ aws s3 ls

3) AWS SDK

AWS has tools for developing and managing applications on AWS. AWS supports these programming languages at the time of writing C++, Go, Java, JavaScript, .NET, Node.js, PHP, Python, and Ruby.

Summary

·       Services on AWS can be managed by three ways AWS Console, AWS CLI, and AWS SDK

·       You need to create an AWS Account and this becomes a root user that has all the privileges.

·       It’s a best practice to create another IAM user for daily tasks and enable MFA on the root account.

·       AWS Console is the easiest one and it is GUI for managing services

·       You need to authenticate the user with AWS CLI with the command aws configure and the credentials are placed at ~/.aws/credentials

·       AWS SDK allows you to programmatically manage services on AWS. AWS provides SDK for several programming languages.

AWS Regions , Availability Zones , Edge Locations

 AWS (Amazon Web Services) provides over 200 services to more than a million customers across 240 countries and territories, the largest cloud infrastructure in the world. AWS is expanding its infrastructure continuously across multiple regions. Currently, AWS covers 25 geographical regions and 81 availability zones around the globe. Shortly, it is going to cover 8 more geographical regions and 24 availability zones in different countries.

Regions

An AWS Region is the physical location where multiple clusters of data centers are deployed to provide different cloud services. A logical group of data centers is called the availability zone, and there is a minimum of 3 availability zones in a region. These availability zones are physically isolated from each other inside the region. Each availability zone inside the region has its own power, cooling, and physical security system and has redundant, ultra-low latency networking. In order to run highly available applications on AWS, design the application to run in multiple availability zones. In case one availability zone goes down, your application will still be running on another availability zone.

·       Middle East

·       South Africa

·       Asia Pacific

·       China

·       Europe

·       South America

·       North America

 Availability Zones

An availability zone collects one or more data centers with ultra-low latency and redundant networking inside a region. There is a minimum of three availability zones inside a single AWS region. An application can be deployed across multiple availability zones in a region for high availability. In case one availability zone goes down, the application will still be accessible in the second availability zone.

All the availability zones inside a region are connected to each other with high bandwidth, ultra-low latency network that makes the communication between the availability zones faster. Each availability zone has a redundant power supply, networking, and connectivity and the traffic between these availability zones is encrypted. The network performance is fast enough for synchronous replication across availability zones.

If an application is deployed across multiple availability zones, your application will be safe from natural disasters like floods, earthquakes, etc. The average distance between two availability zones is considerable, and all the availability zones lie within the 100km rheadius.

AWS edge locations

Edge locations in AWS are the data centers located near the end-users and designed to deliver content from different AWS services with minimum latency. Amazon has a lot of edge locations located around the globe. When a user makes a query, AWS first checks if the data is available on the edge location. If the data is available on the edge location, it is delivered to the end-user without making a query to the AWS servers. Otherwise, data is fetched from the AWS servers and delivered and cached at the edge location.

Following are some services that use AWS edge locations for faster content delivery.

·       CloudFront: CloudFront caches the copy of data at edge locations, so the content is saved closer to the user. This content then can be delivered to the end-users faster.

·       Web application firewall: A web application firewall is used at the edge locations to filter unwanted data earlier before it reaches the AWS region.

·       Route53: Route53 is a DNS server and is used to serve the DNS queries from the edge locations. When a DNS query is made, it is cached at the edge location, and the next time, it returns the response from the edge location.

 AWS direct connect locations

In order to connect your local data center to the AWS so that your local services and AWS services can talk to each other privately, AWS provides direct connect locations. AWS direct connect locations to connect your private network to AWS direct connect locations over fiber optic cables. With AWS direct connect, a virtual interface is created to the AWS public services like Amazon VPC, Amazon S3, directly bypassing the ISPs in the network path. AWS direct connect provides access to the public services in the region in which the direct connect is deployed.

AWS global infrastructure contains more than 100 direct connect locations around the globe to provide a better hybrid environment. Following is the list of geographical regions in which the AWS direct connect is located.

·       Asia Pacific

·       Canada

·       China

·       Europe

·       Africa

·       Middle East

·       South America

·       United States

 In this article, We have covered the basics of How to get Start with AWS and how to interact with the AWS services and resources. The Global infrastructures of AWS that is Regions , Availablity Zones and Edge Locations.