By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

AWS : confused about account and user (AWS organisation and AWS IAM)

0

Hello I'm preparing AWS cloug practionner certification and I'm confused bewteen aws account and aws user.

when i learnt AWS IAM, this is what i understood: So far, I created an account (called accountA) on AWS, I provided an email and a credit card. I understood i have a root user and i should not use it.

  1. first of all, is it really a root user or should i say a root account?

Then, in this accountA, I created a user (called userA1) to follow the good practices. With user A1, i create other users, i can group these user in user groups and give them policies.

then, i learnt AWS organisation, and i'm lost: It looks like we can manage several accounts and give SCP to each account. As said above, I already created an account (named accountA), so here are 2 questions

2 ) How can i create several accounts with my account already created? If I want to create another account, does it mean i have to sign up to AWS again with another email and credit card?

3)Or can I create another account when I'm logged in account1?

I may have other questions depending on the answers

Topics
Security, Identity, & ComplianceManagement & Governance
Tags
AWS Identity and Access ManagementAWS Account Management
Language
English
adnul
asked 16 days ago114 views
2 Answers
0

Hello.

first of all, is it really a root user or should i say a root account?

A root user is a user who can perform all operations within your AWS account.
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_root-user.html

How can i create several accounts with my account already created? If I want to create another account, does it mean i have to sign up to AWS again with another email and credit card?

You can create an AWS account from the AWS Organizations management account (accountA).
You can create an AWS account by following the steps below.
https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_create.html

To use AWS Organizations, you need to enable Organizations by following the steps in the document below.
https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_create.html

A separate email address is required, but you can create one using an email address alias.
So, if you use Gmail, you can register as follows.

test+account1@gmail.com

There is no need to register a new credit card.
AWS Organizations Consolidated Billing will bill your AWS managed account (accountA).
https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/consolidated-billing.html

Or can I create another account when I'm logged in account1?

You can create another AWS account if you are signed in with accountA, which is the AWS Organizations management account.

profile picture
EXPERT
Riku_Kobayashi
answered 16 days ago
0

OK, thank you So I have an account (AccountA) with different users (and the root user). Then from this accountA, i an create other accounts and manage them. Does it mean each new account has its own root user?

adnul
answered 16 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content