Creating your AWS Management account ¶
Create the first AWS account ¶
First and foremost you'll need to create an AWS account for your project. This will be the management account of your AWS Organization and the email address you use for signing up will be the root user of this account -- you can see this user represented in the architecture diagram.
Since the root user is the main access point to your account it is strongly recommended that you keep its credentials (email, password) safe by following AWS best practices.
To protect your management account, enabling Multi Factor Authentication is highly encouraged. Also, reviewing the account's billing setup is always a good idea before proceeding.
For more details on setting up your AWS account: Organization account setup guide
Create a bootstrap user with temporary administrator permissions ¶
Leverage needs a user with temporary administrator permissions in order to deploy the initial resources that will form the foundations you will then use to keep building on. That initial deployment is called the bootstrap process and thus the user required for that is called "the bootstrap user".
To create that user, navigate to the IAM page and create a user named
mgmt-org-admin following step 2 of this leverage doc.
Bear in mind that the page for creating users may change from time to time but the key settings for configuring the bootstrap user are the following:
- It must be an IAM user (we won't be using IAM Identity Center for this)
- Password can be auto-generated
- It requires admin privileges which you can achieve by directly attaching the
AdministratorAccesspolicy to it
- There's no need to add the user to any group as it is only a temporary user
- Generating programmatic access keys won't be necessary
Usually the last step of the user creation should present you the following information:
- Console sign-in URL
- User name
- Console password
Make a note of all of these and keep them in a safe place as you will need them in the following steps.
If you are only getting the bootstrap user credentials for someone else in your team or in Binbash's team, then please share that using a secure way (e.g. password management service, GPG keys, etc).
Next steps ¶
You have successfully created and configured the AWS account for your Leverage project. From now on, almost all interactions with the AWS environment (with few notable exceptions) will be performed via Leverage.
Next, you will setup all required dependencies to work on a Leverage project in your local machine.