Amazon Web Services

Amazon Web Services (AWS) is a broad set of commercial compute, storage, database, analytics, application, and deployment services. These services are hosted in Amazon’s cloud with on-demand, reserved instance, and dedicated system pricing models. AWS also provides temporary free tier pricing for new users to use AWS services on a trial basis.

Things to Keep in Mind

Things To Keep In Mind

AWS is a paradigm shift.

Using AWS effectively requires re-thinking how you deploy services and un-learning how you’ve managed systems in the past. The internet is a helpful resource for learning from other people’s experiences with AWS. Some useful insights from the AWS community:

Please consult Amazon’s own published materials as well as using your favorite search engine to look for tips and information.

AWS Service Limits

When your account is created, Amazon places an initial limit on the number of AWS resources you can use. When you reach the limit, you will not be able to access additional AWS resources until you contact AWS Support and request a Service Limit increase. Amazon sets these limits to prevent new users from unintentionally requesting a large set of resources and incurring unexpected service charges.

Understand Your Security Responsibility

Always employ due care when processing, transmitting or storing sensitive information. See the Allowable Data Use for guidance, but SSNs, credit card numbers, and other personal information must never be stored in AWS. AWS has a core set of secure services, but it is up to each user to implement appropriate security controls and to comply with applicable University policies, notably policies relating to the protection of University data and the UC Electronic Communications Policy.

HIPAA Business Associates Agreement (BAA)

There is a system-wide BAA in place between AWS and UC.  In order to cover your AWS accounts under the terms of the UC AWS Enterprise Agreement (EA) and HIPAA Business Associate Agreement (BAA), please review the overview material provided by UCOP:

Amazon Web Services (AWS) Deployment Guidelines from UCOP

There is an additional registration step required as noted in the Overview document and the instructions below.  This is required if your AWS account will be processing, storing, or transmitting Protected Health Information (PHI) data.

Getting Help

Each AWS account comes with free “Basic Support” as defined on the Premium Support page listed below.

AWS accounts registered with the UC agreement also have access to an AWS Solution Architect. The Solution Architect can answer general technical questions about AWS services and is available if you would like to discuss/whiteboard architecture, design, and planning for a project on AWS. The Solution Architect can assist with non-urgent technical issues you need helping to debug.

You also have the option of purchasing higher levels of support directly from Amazon.

AWS Resources

AWS Resources

Additional Training Resources

There are many vendors who have training courses. OIT has used the following sites for AWS training:

How to Sign-Up for AWS

1. Create AWS Account

First, you’ll need to create an AWS account. Please see the “Create an AWS Account” video on the “Getting Started with AWS” link.

Use a UCI Email Address
When creating an AWS account, it will be linked to an e-mail address. Please use a UCI e-mail address; do not use a non-UCI e-mail address. If you think someone else will inherit this account after you leave UCI, we recommend that you register with a Group UCInetID.

Billing will be handled via a credit card. Please use your University PALcard when registering. Links are provided below for the pricing of AWS services including a simple monthly calculator for planning purposes.

2. Register AWS

After you have created your AWS account, submit your account information below. This will register your account under the University of California AWS Enterprise Customer Agreement.

ConfirmationYou’ll receive a confirmation message from OIT that your account has been registered. OIT will maintain a list of UCI registered AWS accounts and requestors.

3. Register AWS w/PHI Data

If your AWS account will be processing, storing, or transmitting Protected Health Information (PHI) data as defined by HIPAA, you must take the additional step of registering your account under the AWS UCOP BAA. Send an e-mail to with the following information:

  • The 12 digit AWS account ID and whether this account is an addition or removal from the BAA.
  • The name of the UC campus with which the account ID is primarily associated.
  • The name, role, and institution email address of the security point of contact for the above account ID. (This is the point of contact who would be alerted in the event of a HIPAA reportable event. Example: Jane Smith, Information Security Manager,

Once AWS has replied back that the request has been fulfilled, retain this email as confirmation of your request being completed.