Course Overview All Courses Blog Reserve Bootcamp Seat
AWS for AI · Day 1 of 5 ~60 minutes

AWS Basics — Accounts, IAM, the Console

Set up your AWS account the right way, understand IAM, and learn to navigate the console without getting lost.

1
Day 1
2
Day 2
3
Day 3
4
Day 4
5
Day 5
What You'll Build Today

A secure AWS environment: root account with MFA, an IAM user for daily work, a dedicated IAM role with Bedrock permissions, and an access key ready for programmatic use. Plus your first CLI call to verify everything is wired up.

1
Create Your Account

AWS account setup done right

Go to aws.amazon.com and create an account. You need a credit card but the Free Tier covers almost everything in this course.

Critical security step: Immediately after signup, enable MFA on your root account. Go to the top-right menu → Security credentials → Assign MFA device. Use an authenticator app. Never use root account credentials for anything else.

Create an IAM User for daily work

In the console, go to IAM → Users → Create user. Give it a name like dev-user. Attach the AdministratorAccess policy for now (we'll scope it down in later lessons). Enable console access and generate an access key.

Sign out of root. Log back in with your IAM user. Use this account for everything from here on.

2
AWS CLI

Install the AWS CLI and configure it

Download the AWS CLI from docs.aws.amazon.com/cli/. After install, configure it with your IAM access key:

bash
aws configure

Enter your Access Key ID, Secret Access Key, default region (us-east-1), and output format (json).

Verify it works:

bash
aws sts get-caller-identity

You should see your Account ID and IAM user ARN. If you do, your CLI is configured correctly.

3
Create Bedrock Role

IAM role with Bedrock permissions

In IAM, create a new role. Select AWS service → Lambda as the trusted entity (we'll use this in Day 3). Attach these policies:

AmazonBedrockFullAccess — allows calling Bedrock models
AmazonS3ReadOnlyAccess — allows reading from S3 (for future lessons)

Name it bedrock-lambda-role. Copy the ARN — you'll need it on Day 3.

IAM mental model: Users are for humans. Roles are for services and code. When Lambda runs your AI pipeline, it assumes the role — it never has a username and password. This is the right way to grant AWS permissions to code.

4
Enable Bedrock

Request access to Claude on Bedrock

In the AWS console, search for Bedrock. In the left sidebar, go to Model access. Request access to the Anthropic Claude models. Access is usually approved within minutes.

Verify via CLI:

bash
aws bedrock list-foundation-models --region us-east-1 --query "modelSummaries[?contains(modelId,'anthropic')].modelId"

You should see a list of Claude model IDs. If you do, Bedrock is enabled and you're ready for Day 2.

Day 1 Complete

  • Created AWS account with MFA on root
  • Set up IAM user for daily work
  • Configured AWS CLI with access key
  • Created bedrock-lambda-role with correct permissions
  • Enabled Claude model access on Bedrock
Day 1 Done

Next: AWS Bedrock — Call Claude from Python

Day 2 makes your first Bedrock API call, explores model selection, and shows how Bedrock compares to calling Claude directly.

Go to Day 2
Course Overview Join Live Bootcamp
Finished this lesson?