1. Accounts Overview

Multiple Accounts Root users IAMAdmin user for each account

Create first account

This first account is called the General or Management account.

tip

Set up with your gmail.com address - use the +management@gmail.com addition to be able to create your accounts

Create an IAMAdmin account
Set these up with MFA

BabyYodaPoC

This was created for the SAA-C02 exam.

Email Address:

tip

Uses the babyyodapoc+development@gmail.com structure. Look at the below. Account numbers are listed in my personal wiki as a hint for you Dupo.

Root
- babyyodapoc-management
Audit
- babyyodapoc-audit
Logging
- babyyodapoc-logging
Development
- babyyodapoc-development
QA
- babyyodapoc-qa
Production
- babyyodapoc-production
- babyyodapoc-tprod
- babyyodapoc-aprod
- babyyodapoc-cprod

MFA

Root accounts are locked behind MFA Passwords are in PW Manager, MFA is in Authentication App

IAM-Admin

These accounts are set up in Dupo's PW Manager MFA is in Authentication app.

SSO

SSO is set up (check your favorites, Dupo) and the DV and BY accounts in the Microsoft Entra ID tenant have access to these accounts with Admin role in SSO.

Direct Links

Users

Region

Should be N. Virginia

Landing Zone

AWS Organizations

You can group the account into organizational units.
https://aws.amazon.com/solutions/implementations/aws-landing-zone/ https://aws.amazon.com/blogs/mt/tag/aws-multi-account-management/ https://aws.amazon.com/organizations/

Access Key

Access Key ID = AKIAIDDHH77SKFHFF
Secret Access Key = UIPTOPRTOTO*&%*^&%)^&R)&*uty87t8o7t78pt87r78o78t78o5v

Don't put an access key on your ROOT account.

Create first account​

BabyYodaPoC​

Email Address:​

MFA​

IAM-Admin​

SSO​

Direct Links​

Users​

Region​

Landing Zone​

AWS Organizations​

Access Key​