How not to get charged as AWS Free Tier user

February 04, 2022

Making a security a priority

It all starts when you find stories on the Internet in which authors show how AWS unexpectedly charged them big money, and they're in trouble. I was very much afraid when I got started as a AWS Free Tier user that I will be in similar sitatuation. This shouldn't be the case if you make AWS account's security a priority. One of the stories that I found when I got started was "I was billed for 16k USD on Amazon Web Services.". The problem was tha the author exposed his AWS Secrets to the public through which some evil person decided to get advantage of. In a previous post I described the same problem and solution to it in an Electron environment.The goal of this article is to prevent doubts and anxiety related to this problem, so you can feel safe about your AWS account and bank account.

Add MFA to a root

First after you log in as a root to your AWS Account is add Multi Factor Authentication (MFA) to it. It makes your account not only rely on your password but also on external device that provides additional layer of security. This is not a place to show you how to do it but you can find more information about it in the AWS documentation or follow one of the step by step video tutorials like this one.

Use root as little as possible

If you have that covered, next good practice is to use root account as little as possible. Working on a root user can make big damage to services that you use if you can do everything that AWS allows with them.

Create a new user for your AWS account

To prevent your from doing mistakes (of course you cannot prevent in 100%) you can create a new user to your AWS Account that will have restricted rights. This not only applies to you, but also to others. Through managing their permissions, you can share limited access to your account with people that you want to work with. You can find more information about this in the AWS documentation. Remember that you can also setup MFA for your new admin user.

Setup budgeting

Finally, you can set up a budget for your AWS account. Here, we usually care about the cost that we will be charged for AWS services. As a user of AWS Free Tier account you may be afraid that some day you'll be charged more than you want. Depending on a threshold through AWS Budgets, you will be alerted when you are about to be charged more than you want. You can find more information about this in the AWS documentation.

This is just a basics. You can do much more to make your AWS account safer. If you are new to the cloud and you want to stay in AWS Free Tier limits, these are 3 steps that I would follow. Next step is to know the limits of the services that you want to use before you start using them, cause some of the services are not free to begin with. The place to understand limits AWS Free Tier is to visit the AWS page that lists all the available services and their tiers.

TLDR:

  1. Use MFA on your root user.
  2. Don't use root account if possible.
  3. Create a new user with limited access to your account.
  4. Set up a budget for your AWS account.
  5. Know the limits of the services you want to use.

All rights reserved © Kamil Staszewski 2022