AWS Cloud Get Started: A Zero-to-Hero Guide for Beginners

Amazon Web Services (AWS) is the world's most comprehensive cloud platform. For beginners, the sheer number of services—over 200—can be overwhelming. This guide cuts through the noise, providing a structured path to go from "What is AWS?" to deploying your first scalable application.


1. The Core Concept: Understanding the AWS Global Infrastructure

Before touching a single service, you must understand how AWS is physically organized. This affects latency, disaster recovery, and pricing.

  • Regions: These are geographical locations (e.g., us-east-1 / North Virginia, eu-west-1 / Ireland, ap-southeast-1 / Singapore). Each Region is a separate geographic area designed to be isolated from the others for fault tolerance.
  • Availability Zones (AZs): Each Region is composed of multiple, isolated data centers known as Availability Zones. They are connected via high-speed, low-latency links. When architects say "highly available," they mean running applications across two or more AZs.
  • Edge Locations: These are content delivery endpoints used by CloudFront (AWS's CDN). They sit at the periphery of the network to cache data closer to users for lower latency.

2. Setting Up Your Account & Security (The "Root User" Trap)

When you first sign up, you use your email and password. This is the Root User. This account has unlimited access to everything. You should never use the Root User for everyday tasks.

Step 1: Enable Multi-Factor Authentication (MFA)

Immediately after creating the account, secure the root user.

  1. Go to IAM (Identity and Access Management).
  2. Click on "Users" -> Click "Root user" -> Manage MFA.
  3. Assign a virtual MFA (Google Authenticator or Authy).

Step 2: Create an Administrative IAM User

Create a regular user with admin privileges for your daily login.

Via AWS CLI (or Console):

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "*",
      "Resource": "*"
    }
  ]
}

Save this as admin-policy.json and attach it to your new user.


3. Compute 101: Spinning Up Your First EC2 Virtual Server

AWS Elastic Compute Cloud (EC2) is the fundamental building block. It's essentially renting a virtual computer.

Launching a Free Tier Ubuntu Server

Method 1: AWS Console (Web)

  1. Navigate to EC2 Dashboard.
  2. Click Launch Instance.
  3. Name: MyFirstServer
  4. AMI (Amazon Machine Image): Select Ubuntu Server 22.04 LTS (Free Tier eligible).
  5. Instance Type: t2.micro (Free Tier).
  6. Key Pair (Login): Click "Create new key pair". Name it my-key. Download the .pem file. You cannot download this again.
  7. Network Settings: Allow SSH traffic from "My IP" (this locks it down to you only).
  8. Click Launch Instance.

Method 2: AWS CLI (Command Line)
If you have the AWS CLI installed and configured, you can launch it programmatically:

aws ec2 run-instances \
--image-id ami-0c55b159cbfafe1f0 \
--instance-type t2.micro \
--key-name my-key \
--security-group-ids sg-0a1b2c3d4e5f67890

Connecting to Your Server

Once the instance is "Running", connect via SSH:

chmod 400 my-key.pem
ssh -i "my-key.pem" ubuntu@<Your-Instance-Public-IP>

Success: You are now inside the AWS cloud.


4. Storage: S3 (Simple Storage Service)

S3 is the standard for object storage. It is infinitely scalable and used for hosting static websites, storing backups, and serving media.

Using AWS CLI to Interact with S3

Create a Bucket (Bucket names are globally unique):

aws s3 mb s3://my-unique-bucket-name-12345 --region us-east-1

Upload a File:

echo "Hello AWS" > hello.txt
aws s3 cp hello.txt s3://my-unique-bucket-name-12345/

Make a File Publicly Readable (for static hosting):

aws s3api put-object-acl --bucket my-unique-bucket-name-12345 --key hello.txt --acl public-read

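Now you can access the file via: https://my-unique-bucket-name-12345.s3.amazonaws.com/hello.txt

Buckets created with current S3 defaults have Block Public Access enabled and ACLs disabled, so the command above is rejected until those bucket settings are changed. Change them only on buckets that hold nothing but public content.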


5. Serverless: AWS Lambda (No Servers Required)

Lambda lets you run code without provisioning or managing servers. You pay only for compute time consumed (per millisecond).

Python Function Example (Hello World)

The Code:

import json


def lambda_handler(event, context):
    # event contains input data (e.g., API request)
    # context contains runtime information
    name = event.get('name', 'World')
    return {
        'statusCode': 200,
        'body': json.dumps(f'Hello, {name} from AWS Lambda!')
    }

Deploy via CLI (after packaging):

zip function.zip lambda_function.py
aws lambda create-function \
--function-name HelloFunction \
--runtime python3.9 \
--role arn:aws:iam::123456789012:role/lambda-execution-role \
--handler lambda_function.lambda_handler \
--zip-file fileb://function.zip

6. Infrastructure as Code (IaC): CloudFormation

Clicking around in the console is great for learning, but it is error-prone for production. CloudFormation allows you to define your entire infrastructure in a YAML or JSON template.

A CloudFormation Template (YAML)

This template creates an S3 bucket and an EC2 instance simultaneously.

AWSTemplateFormatVersion: '2010-09-09'
Description: My First Infrastructure Stack
Resources:
  MyS3Bucket:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: !Sub "my-cloudformation-bucket-${AWS::AccountId}"
  MyWebServer:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: t2.micro
      ImageId: ami-0c55b159cbfafe1f0
      Tags:
        - Key: Name
          Value: MyServerFromTemplate
Outputs:
  BucketName:
    Description: Name of the S3 Bucket
    Value: !Ref MyS3Bucket
  ServerId:
    Description: Instance ID
    Value: !Ref MyWebServer

Deploy the Stack:

aws cloudformation create-stack \
--stack-name my-first-stack \
--template-body file://template.yaml

7. Best Practices for Beginners

  1. Set a Billing Alarm: This is non-negotiable. Go to CloudWatch → Alarms → Create Alarm. Set it to trigger if estimated charges exceed $10. Many beginners forget to terminate resources and wake up to a large bill.
  2. Tag Everything: Use tags like Environment: Dev, Project: Tutorial. This helps you see exactly where money is being spent in the Cost Explorer.
  3. Use the Free Tier: AWS offers 12 months of free usage for specific services (750 hours of EC2 t2.micro, 5GB of S3, etc.). Always check if a service is free tier eligible before launching.
  4. Least Privilege: Never assign AdministratorAccess to an application. If your app only needs to write to S3, create a policy that only allows s3:PutObject.
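
To make the least-privilege point concrete, the following added example (not part of the original guide) audits an IAM policy document for over-broad Allow statements, comparing the admin-policy.json from section 2 with a write-only S3 policy. The scoped policy, the function names and the finding messages are constructed for illustration.

```python
import json

# Policy from section 2 of this guide (admin-policy.json).
ADMIN_POLICY = ('{"Version": "2012-10-17", "Statement": '
                '[{"Effect": "Allow", "Action": "*", "Resource": "*"}]}')

# Constructed for this example: write-only access to one bucket.
SCOPED_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": {  # a lone statement may be an object instead of a list
        "Effect": "Allow",
        "Action": "s3:PutObject",
        "Resource": "arn:aws:s3:::my-unique-bucket-name-12345/*",
    },
})


def _as_list(value):
    """Action and Resource may each be a single string or a list."""
    if value is None:
        return []
    return [value] if isinstance(value, str) else list(value)


def audit_policy(policy_json):
    """Return (statement_index, finding) pairs for over-broad Allow statements."""
    statements = json.loads(policy_json).get("Statement", [])
    if isinstance(statements, dict):
        statements = [statements]
    findings = []
    for i, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only narrow access
        if "NotAction" in stmt:
            findings.append((i, "NotAction allows every action except those listed"))
        for action in _as_list(stmt.get("Action")):
            if action == "*":
                findings.append((i, "Action '*' allows every API call"))
            elif "*" in action.partition(":")[2]:
                findings.append((i, f"wildcard action {action}"))
        if "*" in _as_list(stmt.get("Resource")):
            findings.append((i, "Resource '*' applies to every resource"))
    return findings


if __name__ == "__main__":
    for label, policy in (("admin", ADMIN_POLICY), ("scoped", SCOPED_POLICY)):
        print(label, audit_policy(policy) or "no findings")
```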

Next Steps

  • Networking: Learn VPC (Virtual Private Cloud) to understand subnets, route tables, and internet gateways.
  • Containers: Explore ECS (Elastic Container Service) or EKS (Elastic Kubernetes Service) if you are familiar with Docker.
  • Databases: Try RDS (Relational Database Service) to launch a managed PostgreSQL or MySQL database.
