Amazon Web Services is a powerful collection of cloud-based products that allows companies and individuals to do things that, until recently, required massive capital investment. Need 10,000 computers for an hour to perform a complex computation? No problem. Want a nearly automatic setup of a scalable redundant Web service? No sweat. Want to spin up a single computer to experiment on -- without disturbing your PC? Again, it's no problem.
Before you can do any of these things, however, you need to take a few steps and set up an AWS account.
First, you have to decide whether you want to use an existing Amazon retail account or create a new one. Even if you use an existing account, you'll have to enter basic verification information, but you won't have to create a new password. (You can decide if that's a good or bad thing.)
Although many services in AWS are free, you still need to provide a credit card and a phone number. To confirm your identity, AWS will send an automated call to your phone and display a confirmation code for you to enter on the phone.
Finally, choose a support plan.
The Developer level support, for example, offers you a 12-hour response time to questions you send via email. In most cases, the response time is usually more like two hours. Given the amount of information Amazon provides on the Web and the ubiquity of sites like StackOverflow.com, you can probably get by with the free Basic support.
I recommend enabling Multi-Factor Authentication (MFA) to better protect your AWS account. Clicking on the MFA button brings you to a Security Getting Started Page.
Click on Manage MFA Device to set up Multi-Factor Authentication. Next, choose “virtual MFA device” to use your cell phone. You may think your phone is an actual physical device but the dialog refers to a dedicated piece of hardware that you can purchase from Amazon. Using your phone is just fine.
Next, install an MFA application on your phone (it's free). The Google Authenticator app works on Android, iPhone and BlackBerry; Window's Phone also has an Authenticator app. Install the app just like any other app on your phone.
If you use Google Authenticator, perform these steps:
- Use the phone app to scan a barcode that displays on the Web page.
- See a six-digit security code; the Authenticator displays a new one every minute.
- Enter two consecutive codes on the Web page; enter a code, wait a minute until the code changes, and then enter the new code.
From now on, whenever you log into your AWS from a new computer, it will ask you enter a code, which you get when you start the Authenticator app. This ensures that only someone with both your AWS password and your phone can access your account.
At this point, you can proceed to safely use your AWS account. There are many more security-related steps you can take, such as creating additional users, groups and roles.
Understanding your options in AWS
After you've created an AWS account, the breadth of product options available can be a bit overwhelming. To navigate to an AWS Service, click on the orange Services button at the top left of most screens. This brings up a panel listing the services you might want.
Available Amazon cloud services can be organized into several groups, based on what you're trying to do:
- Create one or more computers (EC2).
- Create cloud storage space (S3, Glacier).
- Use security-related options (IAM).
- Monitor your system and receive alerts (CloudWatch, CloudTrail, SNS).
- Create databases in the cloud (DynamoDB, RDS, Storage Gateway).
- Set up Web servers (CloudFormation, CloudFront, ElasticBeanStalk).
- Process large amounts of data (Data Pipeline, Elastic MapReduce, Elastic Transcoder).
About the author:
Brian Tarbox has been doing mission-critical programming since he created a timing-and-scoring program for the Head of the Connecticut Regatta back in 1981. Though primarily an Amazon Java programmer, Brian is a firm believer that engineers should be polylingual and use the best language for the problem. Brian holds patents in the fields of UX and VideoOnDemand with several more in process. His Log4JFugue open source project won the 2010 Duke's Choice award for the most innovative use of Java; he also won a JavaOne best speaker Rock Star award as well as a Most Innovative Use of Jira award from Atlassian in 2010. Brian has published several dozen technical papers and is a regular speaker at local Meetups.