
Danilo Costa

AWS - Well-architected framework and I.A.M in practice

"Today is gonna be the day that they're gonna throw it back to you" - lazy song for hipsters

In the last post we learned how to make an AWS account and the basic topics behind an AWS organization. Today we're going to learn about:

  1. How to make organizations in practice
  2. How to create new users
  3. AWS Well-Architected framework

But before we start...
It's necessary to say that if you're using a free account you do not have technical support; this kind of support is only available for paid accounts. So please take care, because in the next tutorials (not in this one) we're going to see some content that involves some costs.

How to make Organizations and Users in Practice!


Okay, so to deal with organizations we need to take care of two Amazon services: the first is "AWS Organizations" (Duuhhh), and the second is "I.A.M".

You can access the first one by searching for "AWS Organizations".

On this page, you can create new AWS accounts and associate them with the root account (or your account). Of course, you can also divide them into groups, but in my personal opinion, it's better to do that using I.A.M.

To access I.A.M, just search for IAM in the search bar.

In the I.A.M section we can also make new users, but first it's necessary to create it in the previous section. After that you can make new users and divide them into groups. Inside each group we're able to select some permissions (or policies) for each user.

Beyond that, we can also add individual policies for individual users.

A little bit more about I.A.M

  1. It's a good practice to create a second account with Administrator Access, because the root account should only care about billing and managing other users.

  2. For each user, give two kinds of permission: "full permission to something" and "read-only permission to something". That way, when someone does something wrong, instead of revoking access, you can just revoke permissions until the problem is solved.

  3. Each user should have MFA for security.

AWS Well-Architected Framework and Why We Should Divide Our Users


When it comes to taking care of an entire organization, it's normal to have some headaches, and you don't need to be a BIG TECH for that: even small companies on AWS can suffer from not organizing their cloud setup correctly. Because of that, AWS has a quiz called the AWS Well-Architected Framework. In simple words, this questionnaire asks questions about the tech health of your company inside AWS. For now it's enough to know that this framework exists, but do not answer it yet! Wait until we finally use it to do some deployment.
