To work on the challenge each team needs to have one AWS Account.
You can sign up for a new AWS account here.
During the account creation, you are asked to select a support tier. Please select the Basic Support.
With the email address, you get access to the root user of the account. This user has the highest privileges in the account, and should only be used for management tasks. For all of the daily tasks and especially for this challenge IAM Users should be used (if not specified otherwise).
To create IAM users go to the Identity and Access Management (IAM) service. On the users page, you can create new IAM users. You need to create one user for each of your teammates and also one user for you.
- Select the Users menu point on the left
- Click Add users
- Set user details
-
Specify the User name
NOTE: You can create all the users at once, by clicking on Add another user
-
For Select AWS credential type select both
-
✅ Access key - Programmatic access
Used to access the AWS APIs
-
✅ Password - AWS Management Console access
Used to login to the AWS Web UI, also called Management Console or AWS Console
-
Console password: Autogenerated password
-
Require password reset: ✅ User must create a new password at next sign-in
-
-
- Set permissions
- Select Attach existing policies directly
- ✅ AdministratorAccess. This gives all of you and your teammates access to all the services.
For this challenge, you don't need to create any tags. After double checking that all the information is correct, you can then proceed to create the users.
After the successful creation, you get redirected to the last page of the wizard. On this page, you can download the csv file with the credentials. Distribute this file to your teammates.
For the challenge, AWS sponsored credits for each of the teams. You receive the code from the SAA team onsite.
NOTE: This task needs to be executed as the root user of the AWS Account.
After you created the account, you can redeem the in the Billing Service -> Credits.
In order to use Kendra Experiences, you need to enable AWS SSO and create SSO Users. If you plan on using the Kendra Experiences feature, you need to execute the following steps.
- Log in as your Root User
- Enable SSO in the EU (Ireland) | eu-west-1 Region https://eu-west-1.console.aws.amazon.com/singlesignon/identity/home
You can create the SSO Group and Users with any of the previously created users.
- Select Groups from the left menu
- Create the Group with a name of your choice
- After the Group is created you can create the users
- Select Users from the left menu
- Give it a name
- Select Send an email to the user with password setup instructions.
- Enter valid Email address
- Specify First and Last name
- Add the user to the previously created group
- Go to your Email client
- Accept the Invitation* and specify a password for the user
After that, the user can be selected while configuring the Kendra Experiences feature.