Before You Create Your AWS Account

Before You Create Your AWS Account

AWS is a Paradigm Shift

 

Using AWS effectively requires rethinking how you deploy services and changing how you’ve managed systems in the past. There are many helpful resources from the AWS community:

Please consult Amazon’s own published materials as well as searching Google for AWS tips and information.

AWS Service Limits

 

When your account is created, Amazon places an initial limit on the number of AWS resources you can use. When you reach the limit, you will not be able to access additional AWS resources until you contact AWS Support and request a service limit increase. Amazon sets these limits to prevent new users from unintentionally requesting a large set of resources and incurring unexpected service charges.

Understand Your Security Responsibility

 

AWS has a core set of secure services, but it is up to each user to implement appropriate security controls and to comply with applicable University policies, notably policies relating to the protection of University data, electronic data security policies, and the UC Electronic Communications Policy. Under AWS’s Shared Responsibility Model, security and compliance is a shared responsibility between AWS and the AWS customer. Some of your responsibilities include, but are not limited to, patching, configuration management, logging, and monitoring. All applications must be reviewed by the IT Security Risk Management team. Please contact SOM Tech if you are planning on using AWS for sensitive or restricted data under the UCSF Data Classification Standard.

HIPAA Business Associates Agreement (BAA)

 

There is a UC-wide BAA in place between AWS and UC. In order to cover your AWS accounts under the terms of the UC AWS Enterprise Agreement (EA) and HIPAA Business Associate Agreement (BAA), please review the UCOP overview material at the link below:

There is an additional registration step required if your AWS account will be processing, storing, or transmitting restricted data, like Protected Health Information (PHI). If you do not take this additional step, the PHI will not be covered by the UCOP AWS contract and the BAA. Please review the HIPAA-eligible services:

Please be aware that you maintain responsibility for data protection in the cloud. Review our  AWS Security and HIPAA regulatory resources, the AWS HIPAA reference deployment guide and the AWS HIPAA Security Controls Reference to understand your deployment responsibilities. Please contact SOM Tech if you are planning on using AWS with Protected Health Information (PHI). SOM Tech provides free guidance and information in the areas of billing, procurement, AWS account creation, IT security review, legal and privacy issues, AWS org structure, and vendors.

Getting Help

 

Each AWS account comes with free “Basic Support” as defined on the Premium Support page listed below.

AWS accounts registered with the UC agreement also have access to an AWS solution architect. The solution architect can answer general technical questions about AWS services and is available if you would like to discuss or whiteboard architecture, design, and planning for an AWS project. The solution architect can assist with non-urgent technical issues. Once your account is established, email Matt Jamieson to set up a discussion for solution architecture.

You also have the option of purchasing higher levels of support directly from Amazon.

Features

Products and services include:

  1. Virtual servers in the cloud (EC2)
  2. Scalable storage in the cloud (S3)
  3. Low-cost data backup service (Glacier)
  4. Relational database (RDS) and non-relational (DynamoDB) database stores
  5. High-performance computing on top of Hadoop (EMR)
  6. Email sending (SES) and push notification services (SNS)

Go to http://aws.amazon.com/products for a complete listing of AWS products and services.

Return to Overview page Top of page