AWS is powerful. But, as Spiderman says, with great power comes great responsibility.
Setting up AWS wrong exposes you to a wide range of issues. Your infra might get compromised, you might leak data, you might spend too much. It's scary.
But don't worry! It's possible to drastically reduce those risks by setting up your accounts right. This isn't even too hard.
Follow through the steps here and you'll be much better off.
This also applies if you already have AWS accounts. These changes can be made at any time. They might not fix the past but you'll be better off in the future.
There are a bunch of settings or AWS products which take effect at the account level. We'll turn them on first.
Almost all of these add some extra cost. We've found the increase in the AWS bill to be less than 0.5%, but it's worth keeping that in mind if the budget is really tight. In each item we call out where small amounts of cost can be saved.
There are some dependencies between these steps, so it's probably easiest to do them in order. That's not crucial though.
Most of these individual steps only take a few minutes when done manually. Click through the links to see detailed walk-throughs.