Introduction to AWS and IAM (Identity and Access Management)
By Hajra Umer

Hey everyone!

Let’s get straight into AWS without unnecessary details.

To use AWS, the first thing you need is an AWS account.

What is an AWS Account?

An AWS account is like a container where you create and manage AWS resources to deploy applications.

How to Create an AWS Account?

You need three things:

  1. A unique email ID (one that hasn't been used for AWS before).
  2. A phone number (for verification).
  3. A credit card (even for the free tier).

Even though AWS offers a Free Tier, if you exceed the limits, you’ll be charged. That's why a credit card is required.


Root User vs IAM User

When you create an AWS account, a Root User is automatically created.

Root User = The most powerful user in AWS (has all permissions).

Don’t use the Root User for daily tasks because if it gets compromised, your entire AWS account is at risk.

Instead, AWS recommends creating IAM Users.


What is IAM (Identity and Access Management)?

IAM is a service that helps manage who can access your AWS resources and what they can do.

IAM does three main things:

  1. Creates and manages identities (users, groups, roles).
  2. Authenticates users (verifies identity using username/password).
  3. Authorizes users (controls what actions they can perform using policies).


IAM Users and Policies

IAM Users – Users with limited permissions, created to replace the Root User for daily tasks.

IAM Groups – Instead of assigning permissions to each user separately, users with similar roles can be grouped (e.g., Admins, Developers, Testers).

IAM Policies – Rules that define what actions a user/group can perform in AWS.


Types of IAM Policies

1️⃣ AWS Managed Policies – Predefined by AWS, automatically updated when AWS adds new features.

2️⃣ Customer Managed Policies – Custom policies created and maintained by the user.

💡 Tip: Use AWS Managed Policies when possible, as they are maintained by AWS.


AWS Global Infrastructure

AWS has a network of data centers worldwide, structured as:

Data Centers – Physical locations where AWS servers run.

Availability Zones (AZs) – A group of data centers in a region.

AWS Regions – A geographical location containing multiple AZs (e.g., Mumbai, Ireland, Tokyo).

AWS has 32 regions and 102 Availability Zones.


Why Choose a Specific AWS Region?

  1. Latency – Choose a region closest to your users for faster performance.
  2. Compliance – Some jurisdictions (like the EU) have strict data regulations.
  3. Service Availability – Not all AWS services are available in every region.
  4. Cost – Prices vary between regions (e.g., India is cheaper than the US).


Other AWS Concepts

Local Zones – Mini AWS data centers in specific cities for ultra-low latency (e.g., gaming, video processing).

Edge Locations – Small caching centers for AWS CloudFront (CDN) to speed up content delivery.


Conclusion

  • Root User – Only for account setup and critical tasks.
  • IAM Users & Policies – Used for daily AWS tasks with controlled access.
  • AWS Infrastructure – Choose regions based on latency, compliance, cost, and service availability.
  • Local Zones & Edge Locations – Used for low-latency applications.

Hope this makes AWS and IAM easier to understand! 🚀 Let me know if you have any questions! 😊
