This article gives you a short introduction into using AWS for small setups like hosting a private web server or mail server. You will require network knowledge, system administration knowledge and the AWS documentation to follow the article.
The first thing you need to do is register an AWS account. Everything you will do is related to this account: creating users, configuring networking, launching instances and reading your bills.
The AWS account is comparable to a root account on a Linux system, it has wide-open privileges and is therefore not suited for your day-to-day work. For this reason the first two things you should do is securing your AWS account and creating user accounts with just the right amount of permissions. You do this via the IAM (Identity and Access Management) service.
Note that your account is identified by a long number that you will come across in multiple places when using AWS.
To improve security for the AWS account and your user accounts you should use two factor authentication. You will need a dedicated MFA device or software for a mobile device. I recommend the first variant because it is much more secure.
It is also a good idea to apply a password policy which will forces users to chose passwords with reasonable entropy. That said, any password policies can be circumvented if your users are lazy enough.
As we discussed administering your AWS resources with the AWS account is not a good idea. We are therefore going to create an administrator
To create a user:
You might find this strange but by default the new user has no password associated. This does not mean the user can sign in without password. It means the user cannot sign in at all.
To add login credentials:
Note that the generated password will comply to the password policy you set earlier. Another reason why the policy should be strict.
I recommend adding an MFA device for the user too. Consult the AWS documentation on MFA for details
To create the admins group:
Now we need add our “admin” user to the “admins” group:
Your users login to the account via the following link
https://<aws account number>.signin.aws.amazon.com/console
Since this link is quite hard to remember, you can set an alias.
So if you entered “my-example” as account alias, the link will be
To check your expenses:
Note that you have a free tier which is useful for getting to know AWS without having to pay immediately. Be careful though with what services you use, the free tier can be exceeded in no time if you for example use bigger computing instances.
Billing alarms are useful to inform you if you accidentally configured something on AWS that produces higher cost than anticipated.
Note that you come in contact with a new service when you create a billing alarm - CloudWatch. CloudWatch is AWS' integrated monitoring and alarming service.