Why You Need to Stop Using that Lone AWS Account

The Basics

First, your AWS account:

  • is not a "login" to AWS.
  • is akin to your "subscription" to AWS.
  • is identified by a unique 12-digit number.
  • has a name.
  • has one primary email address, known as the account's email address.
  • is the source of information about the user's postal address, phone number, and technical, security and billing points of contact. This information is used for interactions and communications on matters related to maintenance, service health, security and billing.
  • is how the AWS billing system keeps its records: billing-related information, such as usage of AWS services and resources, is stored on a per-account basis.
  • is the primary way to interact with AWS support teams.
  • ties the resources residing in the account to AWS support tiers, which define the service levels for AWS support.

Containers and all that - It's All About Boundaries Baby

  • It is an isolated container providing tenancy among all of AWS' users.
  • and it contains AWS resources such as users and groups, networks, instances, S3 buckets (and others), as those logically "reside" within an AWS account.
  • yep, any AWS resource can be in one and only one account.
  • some resources (not all of them) can be shared with other accounts, if the resource supports sharing and sharing is set up.
  • AWS API/console/CLI operations performed by users are subject to limits on how many operations can be performed in a given time interval (also known as API rate limits) for any AWS service.
  • and any AWS service will impose such limits based on the AWS account that is triggering the operation, independent of the number of (active) users within the account.
  • AWS services control the maximum number of resources within an account, such as the maximum number of EC2 instances, networks, S3 buckets, etc. This is known as a service quota and operates on a per-account basis.
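
The per-account rate limiting described in the list above, as an added example that is not part of the original post: a simplified token-bucket model keyed by account ID, showing a busy pipeline starving a low-volume security responder when both live in one account. The bucket size, refill rate, account IDs and caller names are constructed assumptions, not real AWS limits.

```python
# Added illustration: simplified token-bucket model of per-account throttling.
# Capacity, refill rate, account IDs and caller names are constructed values,
# not real AWS limits.

class AccountThrottle:
    """One token bucket per account ID; every caller in the account shares it."""

    def __init__(self, capacity=10.0, refill_per_sec=2.0):
        self.capacity, self.refill = capacity, refill_per_sec
        self.buckets = {}  # account_id -> (tokens, time of last call)

    def allow(self, account_id, now):
        tokens, last = self.buckets.get(account_id, (self.capacity, now))
        # Refill for the elapsed time, capped at capacity, then try to spend one.
        tokens = min(self.capacity, tokens + (now - last) * self.refill)
        allowed = tokens >= 1.0
        self.buckets[account_id] = (tokens - 1.0 if allowed else tokens, now)
        return allowed  # False stands in for a throttling error


def simulate(placement, seconds=10):
    """placement: caller -> (account_id, calls_per_second).
    Returns caller -> number of throttled calls over the run."""
    events = sorted(
        (sec + i / rate, caller, account)
        for caller, (account, rate) in placement.items()
        for sec in range(seconds)
        for i in range(rate)
    )
    throttle = AccountThrottle()
    throttled = dict.fromkeys(placement, 0)
    for now, caller, account in events:
        if not throttle.allow(account, now):
            throttled[caller] += 1
    return throttled


# A busy deployment pipeline and a low-volume security responder.
LONE = {"pipeline": ("111111111111", 20), "responder": ("111111111111", 1)}
SPLIT = {"pipeline": ("111111111111", 20), "responder": ("222222222222", 1)}

if __name__ == "__main__":
    print("lone account:  ", simulate(LONE))
    print("split accounts:", simulate(SPLIT))
```

In the lone-account run the responder's calls are throttled even though it makes only one call per second; in its own account it is never throttled.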

Users can have multiple AWS accounts, and "larger" AWS environments will frequently have multiple accounts (dozens, 100s, 1000s) organized in a structured way. More on this later! I promise.
