AWS Accounts are a fundamental part of AWS and enable you to create, access, and manage cloud resources. Each account functions as a secure, isolated environment for running services, with its own billing and access controls.
Accounts are used to separate concerns and can be done in multiple fashions. For example you might have an account for each:
-
Environment such as production, development and testing
-
Product or service
-
Team or client
Creating an AWS Account
When creating an AWS account you will need:
-
An account name, such as `Production` or `Client X`
-
A unique email address (plus addressing will work just fine)
-
A billing card that will be used to pay for any usage over the free allowance
The email address used becomes the root account user and will always have full unrestricted access to everything within this account container.
Much like Linux servers its considered best practice to avoid using this account for everyday tasks and being extremely cautious on who has access to the root user account.
IAM - Identity & Access Management
IAM is the AWS method for creating and configuring other users and their access level within the Account container.