← Back to AWS Mastery
Basic13 min read

AWS Fundamentals

Get started with Amazon Web Services — navigate the console, understand regions and availability zones, set up IAM, and manage billing.

AWS Global Infrastructure

AWS operates in Regions — geographic areas with multiple isolated Availability Zones (AZs). Each AZ is a separate data center with independent power and networking. Deploy across multiple AZs for high availability.

Choose regions based on latency to users, data residency requirements, service availability, and pricing. Not all services are available in every region.

  • Minimum 3 AZs per region for high availability architectures
  • Data transfer between regions incurs charges
  • Some services are global: IAM, Route 53, CloudFront
# Check available regions
aws ec2 describe-regions --output table

# Set default region
aws configure set region us-east-1

# Common regions
# us-east-1 (N. Virginia) — largest service catalog
# eu-west-1 (Ireland) — European hub
# ap-southeast-1 (Singapore) — APAC hub

AWS Management Console

The AWS Console is the web-based management interface. Organize resources with tags (key-value pairs). Use AWS CloudShell for browser-based CLI access. Enable MFA on your root account immediately.

The AWS CLI provides programmatic access to all services. Configure with aws configure — set access key, secret key, region, and output format.

# Install and configure AWS CLI
aws configure
# AWS Access Key ID: AKIA...
# AWS Secret Access Key: ...
# Default region: us-east-1
# Default output format: json

aws sts get-caller-identity  # Verify credentials

Identity and Access Management

IAM controls access to AWS resources. Users are individual identities. Groups collect users with shared permissions. Roles provide temporary credentials for services and federated users. Policies define permissions as JSON documents.

Follow least privilege: grant minimum permissions needed. Never use root account for daily operations. Enable MFA for all users.

{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Action": ["s3:GetObject", "s3:PutObject"],
    "Resource": "arn:aws:s3:::my-bucket/*"
  }]
}

Billing and Cost Management

AWS Billing Dashboard shows current charges. Cost Explorer analyzes spending trends. Budgets alert when spending exceeds thresholds. Free Tier provides limited free usage for 12 months on select services.

Enable billing alerts immediately. Tag all resources with Environment, Project, and Owner for cost allocation. Review Cost Explorer monthly to identify optimization opportunities.

  • Free Tier: 750 hours EC2 t2.micro, 5GB S3, 25GB DynamoDB per month
  • Reserved Instances save up to 72% for committed usage
  • AWS Cost Anomaly Detection alerts on unusual spending
# Create a budget alert
aws budgets create-budget \
  --account-id 123456789012 \
  --budget '{
    "BudgetName": "monthly-budget",
    "BudgetLimit": {"Amount": "100", "Unit": "USD"},
    "TimeUnit": "MONTHLY",
    "BudgetType": "COST"
  }'

AWS Well-Architected Framework

The Well-Architected Framework defines six pillars: Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization, and Sustainability. Use it to evaluate and improve your architectures.

Review workloads against the framework regularly. AWS Well-Architected Tool provides guided reviews with actionable recommendations.

# Six pillars summary
# 1. Operational Excellence — run and monitor systems
# 2. Security — protect information and systems
# 3. Reliability — recover from failures
# 4. Performance Efficiency — use resources efficiently
# 5. Cost Optimization — avoid unnecessary costs
# 6. Sustainability — minimize environmental impact

Get In Touch

Ready to discuss your next project? Drop me a message.