From the course: AWS Essential Training for Developers

The AWS root account

- Before we do anything on your AWS account, we first need to figure out what kind of account you have. If you don't have an AWS account, you can sign up for your own account by going to aws.amazon.com. You'll be asked to put a credit card on file for billing, but most AWS services have a free tier that allows you to try out several services for the first year while you're learning about AWS.

If you signed up for your account this way, or someone in your organization only sent you a username and password, then you have an AWS root account. If you were sent a username, a password and an account ID or an account alias, or maybe someone sent you a special link to click on to sign in, then you have an IAM user account. IAM stands for Identity and Access Management, and this is how AWS controls who has access to your organization's account. Now, if you have an IAM user account, then your login screen will include a field at the top that says Account ID or Alias, and it should already be filled in for you.

If you have an AWS root account, you are using a special account within AWS, and you should only sign in to AWS using the root account under certain circumstances. When you sign in with the AWS root account, you become captain of your starship, and the captain of the starship has special abilities. You can promote and demote your officers. You can even tell your ship to self-destruct. When you interact with AWS using the root account, imagine yourself wearing the captain's uniform and the great responsibilities that come with the uniform.

There's a complete list of the special privileges the root user has in the documentation, but the most common uses are creating your first IAM user, changing the login credentials of the root user itself, changing your support plan with AWS and deleting the entire AWS account. So you can see how dangerous it would be for someone to get ahold of your AWS root account.
You never want to give out your AWS root account, and you should only log into the AWS root account when you absolutely have to. Make sure your AWS root account has a strong password, and if you want to take extra precautions, AWS recommends that you secure the root account by using a physical multi-factor authentication key. The MFA key requires that whoever puts on the captain's uniform must have the root username and password and have the MFA key in hand. The physical MFA keys they support, along with their associated costs, are listed in the AWS Docs.

To set up MFA, log into the AWS console, click on your username in the upper right toolbar and, in the submenu, select My Security Credentials. Under Multi-factor Authentication, click on the Assign MFA Device button. The Virtual MFA Device option allows you to use an app on your phone in place of a physical device, but I recommend using the physical MFA key for the AWS root account and then using the Virtual MFA option to secure your individual IAM user account. To set up MFA, you just follow the instructions listed in this wizard for the device that you selected. Now, let's keep on the captain's uniform just a little bit longer so we can create you an IAM user and then hang the captain's uniform up in the closet where no one can find it.
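
As an added example (not part of the course material), the root-account advice above can be checked against an IAM credential report CSV. The sample report is constructed, the function name `audit_root` and the 90-day threshold are assumptions, and the access-key check goes one step beyond what the narration covers.

```python
import csv
import io
from datetime import datetime, timezone

# Constructed sample in the IAM credential report layout (subset of columns).
SAMPLE_REPORT = """user,arn,password_last_used,mfa_active,access_key_1_active,access_key_2_active
<root_account>,arn:aws:iam::111122223333:root,2024-05-01T09:30:00+00:00,false,true,false
alice,arn:aws:iam::111122223333:user/alice,2024-05-20T08:00:00+00:00,true,false,false
"""


def audit_root(report_csv, now, max_idle_days=90):
    """Return findings for the <root_account> row of a credential report.

    audit_root and max_idle_days are hypothetical names for this example.
    """
    rows = csv.DictReader(io.StringIO(report_csv))
    root = next((r for r in rows if r["user"] == "<root_account>"), None)
    if root is None:
        return ["root row missing from report"]

    findings = []
    # The transcript's main recommendation: MFA on the root account.
    if root["mfa_active"].lower() != "true":
        findings.append("root has no MFA device assigned")

    # Beyond the transcript: long-lived root access keys bypass the console MFA prompt.
    for col in ("access_key_1_active", "access_key_2_active"):
        if root.get(col, "false").lower() == "true":
            findings.append(f"root has an active access key ({col})")

    # Root should be used rarely; a recent console sign-in is worth reviewing.
    try:
        used_at = datetime.fromisoformat(root.get("password_last_used", ""))
    except ValueError:
        used_at = None  # non-timestamp marker such as no_information or N/A
    if used_at is not None:
        idle_days = (now - used_at).days
        if idle_days < max_idle_days:
            findings.append(f"root signed in to the console {idle_days} days ago")
    return findings


if __name__ == "__main__":
    for finding in audit_root(SAMPLE_REPORT, datetime.now(timezone.utc)):
        print("FINDING:", finding)
```
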
