This article is more than 2 months old
HomeTrying to create an AWS account the right way

Trying to create an AWS account the right way

January 22, 20246 min read

This is the second article in my series "Learning AWS with the Cloud Resume Challenge." You can check out the previous post in this series here.

Creating an AWS account

What is the best way to create a new AWS account ? From the info in the Cloud Resume Challenge Guide book, there are two options: the original way or the professional way.

The original way follows the steps in the AWS documentation on account management:

  • Create your AWS account
  • Activate MFA for your root user
  • Create an administrator user

The professional way is more complicated. It requires using an AWS service called AWS Organisations to manage accounts in groups called Organisation Units.

I already had an AWS account that I set up in the original way. This time I decided to try something different and set up my accounts using AWS Organisations.

The Cloud Resume Challenge Guide book recommends using an open-source Command Line Interface (CLI) called org-formation to create and manage AWS organisations.

I followed a helpful guide on how to use org-formation by Bahr. His guide is excellent, but it was written in 2020. Since then, the AWS console has changed slightly, so I had to make extra adjustments at certain steps.

But, In general, these are the steps I took to set up my AWS account with org-formation:

Concluding thoughts

Now, I didn't have to go through all this hassle to set up my AWS account. I could have simply used my previous account and been more strict with IAM roles and permissions for each IAM user I created.

But, this experience and tinkering around with org-formation introduced me to two AWS services I had never heard of before - CodeCommit and CodePipeline.

I even had the opportunity to edit CloudFormation templates, a service widely used in production by many companies.

One thing I would like to mention is that the account management strategy and infrastructure side of IAM and AWS is not my jam. But, I still find it interesting.

Managing AWS accounts for entire engineering organisations can be complex, which makes me appreciate the AWS credentials that I have at my current workplace.

Now that I have an account, the next step is to start building. In the next part of the series, I will build and deploy the front end of the cloud resume using AWS services.

Till next time.