I was chatting with a buddy who was moving his web sites from dedicated hosting to AWS. Let’s just say the FTUE isn’t great. That triggered a quick brain-dump of what you should do when you first get started with AWS.

• understand pets v cattle. In aws all resources should be “cattle”, not pets. Periodically terminate instances to test this.
• activate cloudtrail (in all regions). Use Loggly to index cloudtrail (free or ~$20/mo)
• create restricted IAM users. Never use your root acct. Activate MFA.
• Use IAM ec2-instance roles instead of stored credentials whenever possible.
• Get familiar with IAM management ( use managed policies, groups & the policy tool) .
• Start using opsworks. Avoid launching EC2 instances directly through the console–quickly becomes a management nightmare.
• activate trusted advisor (and pay for the $100/mo upgrade)
• start creating cloudwatch alerts.
• Activate librato ($30/mo) and send cloudwatch to librato
• use loggly or cloudwatch logs
• get familiar VPC & security groups . Use POLP when creating Security groups
• understand regions & AZs – get familiar with cross-region latency.
• use multi-AZ RDS and extend the backup retention
• use the AWS forums – activate your forum account