Tuesday, 18 April 2017

Setting up your new AWS account - Important things to do

When we setup a new AWS account, we should do some of these important things:

1. Enable Billing for IAM users
By default, only ROOT user (one who signed up for the AWS account by putting his email and credit-card) can access the Billing related sections. Once this setting is enabled, you can give Billing access to IAM users as well. Remember, not all the users will have default access to Billing section after this setting. Only the IAM users whom you allow (via IAM Policies) would be able to access Billing section. 


2. Activate MFA for Root user / other privileged IAM users
At top click on your account name and go to "My Security Credentials". Read here if you have doubts. You can use your smartphone and install Google Authenticator app on that. 


3. Enable Detailed Billing
You can enable detailed billing reports (3rd option in picture) and receive the same in an S3 bucket. You should enable this as it helps you break down the cost according to tags on various resources. These files are updated in your S3 bucket every 20-30 minutes and give you a very granular level of breakup of your spending.


4. Enable Cost Allocation Tags
Once you convert a tag to Cost Allocation tag, it starts appearing in the detailed billing file as an additional column (user: Environment) and you can easily filter the cost in EXCEL for different values. E.g. You create a tag called Environment and it can have different values DEV, QA, UAT, PROD. Hence, no money leakage; you can easily attribute who has spent how much in a month. 

5. Free Tier Benefits on a new account
AWS gives some amount of free usage on every new account. Read the conditions in detail here and then start using. Watch this video to learn few more things quickly. 



Happy Learning AWS !! Like and SHARE this please. 

4 comments:

  1. Hello All,

    I was try to create a s3 bucket through CLI. I already created an IAM user with AmazonS3FullAccess. and logged in through CLI with given credentials. Region selected as Oregon. while hitting any s3 command I am getting the same error message Could not connect to the endpoint URL: "https://s3.Oregon.amazonaws.com/". Where I am doing it wrong?

    ReplyDelete
    Replies
    1. You should not be putting Oregon, rather region-code there.
      In this case, it is "us-west-2"

      Delete
  2. KI,

    How to find out the size of an s3 bucket?. How to find out how many GET and PUT requests were recieved by S# at any given point in time

    ReplyDelete
  3. There is no direct way to find the size of an S3 bucket. You will have to get the size of all objects inside a bucket and then sum it up.

    PUT & GET requests - This is bit tricky. You can probably start CloudTrail and write a script to calculate from CloudTrail logs.

    ReplyDelete

Note: only a member of this blog may post a comment.

Most Popular Posts