0

I am thinking of getting an AWS account for hosting some hobby bots of mine. I have an online collaborater also in my hobby - we don't know each other personally not even our real names. Mainly because we met each other in a political forum though our hobby in unrelated to politics. If I get a paid AWS account using my credit card, would I be able to create a separate login credential for him on my account such that no personal info of mine would be visible to him - like credit card number or name etc?

Improve this question
4
  • Amazon web service questions are on topic here only if the question is about the operating system or using a PC application hosted there.
    – Mokubai
    Commented Jun 6, 2021 at 10:29
  • @Mokubai - my question had a running bounty. Was my bounty credited back - i am not sure how to check?
    – user93353
    Commented Jun 6, 2021 at 10:57
  • @Mokubai - also do you know which stackexchange site would this question be appropriate for?
    – user93353
    Commented Jun 6, 2021 at 11:00
  • Your bounty does appear to have been refunded. No I don't know where this might be appropriate. Not all topics have a site at Stack Exchange. Maybe Web Applications but your question is more about the backend and company billing than it is actually using their webapp.
    – Mokubai
    Commented Jun 6, 2021 at 14:07

1 Answer 1

Reset to default
0

Yes. AWS has an Identity and Access Management (IAM) system that allows you to give him limited web and/or programmatic access to AWS resources.

Once you have created the AWS account you'll have what is called a root user. Give that user a complex password and protect it with multi-factor authentication (MFA). The root user should not be used for day-to-day operations.

For that you open the IAM section and create a new user for yourself. You can then assign that user roles and policies that grant it the capabilities you need.

Finally, you do the same for your collaborator. Make sure to only give his account the permissions that he really needs. Send him the AWS console link (the login page), username and password (and if programmatic access is required the access key id and access key secret).

Here's how it looks like when you try to access the payment section without having the required permissions:

aws-billing-access-denied-msg

Improve this answer
4
  • Thank you very much!!!
    – user93353
    Commented Jun 6, 2021 at 10:59
  • Looks like the mods have closed the question as off-topic - I have another question also but they closed that also - in the free tier, is it possible to change some settings where by your account gets locked rather than your credit card being charged if you cross the free tier limits
    – user93353
    Commented Jun 6, 2021 at 11:02
  • If I give the user sudo permissions would that allow him to access billing info?
    – user93353
    Commented Jun 6, 2021 at 11:09
  • There's no built-in way to prevent your card from being charged when you exceed free limits as far as I know. Also the IAM roles and permissions are really fine grained. By default only the account owner (root user) can access the billing information: see docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/…
    – megamorf
    Commented Jun 6, 2021 at 11:25

Not the answer you're looking for? Browse other questions tagged .