Start tracking your progress
Trailhead Home
Trailhead Home

Create an Amazon Web Services (AWS) Account

What You'll Learn

In this step, you'll learn how to:

  • Create an Amazon Web Services (AWS) account.
  • Create a user with API access.
  • Download and install the AWS Command Line Interface.

In this step, we set up your AWS account so you can utilize it for creating an AWS Lambda function and your Alexa for Business organization. AWS Lambda is an Amazon Web Services offering that runs your code only when it's needed and scales automatically, so there is no need to provision or continuously run servers.

Create an Amazon Web Services (AWS) Account

Go to and create an AWS account. Check out this walkthrough for setting up an AWS account. Note: You’re required to provide a credit card number during account creation and there is an account verification process. All services and the usage of those services in this project are free of charge.

If you already have an account, sign in to the console.

Pro tip: Permissions on existing AWS accounts can prevent you from accomplishing all of the steps below. If you find yourself blocked or stopped, try creating a new account. Once signed in, click on the region next to your user name and select (US East N. Virginia)

The region dropdown is open on the AWS console and US East (N. Virginia) is selected.

Create a User with API Access

  1. In the AWS Console, type IAM in the AWS services search box at the top of the page and select IAM.

    AWS services search box, showing results when typing in IAM.
  2. Click Users.
  3. Click Add user.
  4. Provide a username: ASK_User
  5. For Select AWS Access Type, select Programmatic Access.
    Set user details page for AWS Identity and Access Management.
  6. Click Next: Permissions.
  7. On the Permissions page, select Attach existing policies directly. You add two policy types: IAMFullAccess and AWSLambdaFullAccess.
  8. In the search box, enter AWSLambdaFullAccess and then check the box next to the policy that shows up.

    Screenshot showing the selected option: “Attach existing policies directly.”
  9. Next, search for IAMFullAccess and check the box next to that policy.
    Pro tip: For this project, we use AWS managed policies, which are automatically updated as new permissions are added to these services. If you continue to develop Alexa skills using AWS, follow these AWS Identity and Access Management Best Practices to keep your resources secure.
  10. Click Next: Tags at the bottom right, then Next: Review.
    Screenshot of Cancel, Previous, and Next:Review buttons.
  11. Verify on the Review page that your two policies, IAMFullAccess and AWSLambdaFullAccess, are showing.

    Review page summarizing the user details and permissions summar.y
  12. Click Create user.
  13. On the Add user Success page, you can download a .CSV file containing the user’s Access key ID and Secret access key, or you can copy them directly from the page. Click Show to see the secret access key. Write these down. If you lose these keys, don’t worry. You can always generate new ones in the future if you need them.

    Screenshot showing the results of the Add User flow.
  14. Click Close when you’ve saved the keys.

Download and Configure the AWS Command Line Interface (CLI)

$ aws --version
aws-cli/1.11.84 Python/3.6.2 Linux/4.4.0-59-generic botocore/1.5.47
$ aws configure
AWS Access Key ID [None]: <Enter your access key ID>
AWS Secret Access Key [None]: <Enter your secret access key>
Default region name [None]: us-east-1
Default output format [None]: ENTER


We won’t check any of your setup. Click Verify Step to proceed to the next step in the project.