Topics Map > Computing infrastructure > Amazon Web Services
Amazon Web Services (AWS), Requesting an Account
How to request an Amazon Web Services account
To sign up for an Amazon Web Services (AWS) account, click the "Request an AWS Account" link at aws.illinois.edu or go to https://go.illinois.edu/awsrequest. If you have questions about completing this form, please contact aws-support@illinois.edu.
Please review the account information provided here before completing the request. You should collect the following information:
- The account type: AWS Commercial account or AWS GovCloud account (Available in 2024).
- The account owner's email.
- Your department's IT contact email address. IT support will manage Active Directory groups on your behalf. To find your department IT support contacts, see your department’s main web page or see IT Links.
- Your department's Business office contact email address. To find your Business office, see your department's web page.
- Your Business office contact will generate a University CFOP billing account number and optional Activity Code that will be used to pay for AWS charges.
- Your data classification for any data used in the AWS account. For more information, see Data Classification.
There are different types of AWS accounts.
- AWS Commercial Accounts: The majority of AWS accounts are commercial accounts within AWS. AWS commercial accounts are typically used for courses, research, and services that support campus. These accounts can be created using this form.
- AWS GovCloud Accounts: This form will also allow you to create an account in the AWS GovCloud environment. Please note that AWS GovCloud accounts are 20% to 50% more expensive than commercial AWS accounts and supports a subset of services that are available on AWS Commercial accounts. AWS GovCloud is recommended when one or more of these conditions are required:
- The project involves controlled data, such as Controlled Unclassified Information (CUI)
- The granting agency requires the computing environment to comply with NIST 800-171, CMMC 2, or another compliance standard
- The granting agency requires FedRAMP Moderate or High
- The granting agency requires DoD Computing Security Requirements, Impact Levels 4 and 5
- AWS Mainland China Accounts: These accounts are handled separately from AWS Commercial or GovCloud accounts. If you require an AWS account in Mainland China, please contact cloud@illinois.edu.
Multiple users may access the AWS account using roles. There are four predefined default roles. Additional users and roles may be added after the account is created. The default roles are:
- Admins : for account administrator users (default for account requestors)
- Businessoffice : for Business office users used to monitor account expenses
- Powerusers : for developer users
- Prisma : for Cybersecurity users to check security settings
- Readonly : for Cybersecurity users to access the account for review purposes
Here's a list of all the fields and descriptions of the information required for each. those fields marked with a red asterisk (*) are required.
- * Account type. You can select the standard AWS Commercial account type or AWS GovCloud for projects that have additional security compliance requirements.
- * Account owner contact email(s). You can provide group or shared mailboxes. Multiple emails may be entered separated by spaces.
- * Account owner Manger's email or Project Manager's email. Multiple emails may be entered separated by spaces.
- * IT Support emails. IT support will manage Active Directory groups on your behalf. To find your department's IT support contacts, see your department’s main web page or see IT Links.
- * Billing contact/business office email(s). Billing contact will provide a CFOP number for billing purposes. To find your department's business office contacts, see your department’s main web page.
- * A CFOP is an account used to pay for AWS usage. A CFOP is a 19-digit number provided by your department’s billing/business office. For more information about CFOPs, see CFOAPAL Quick Guide. The format of the CFOP is 1-22222-333333-444444.
- University Activity Code (Optional). The use of an Activity Code varies between Business Offices. The Activity Code may be an alpha-numeric code. The activity code comes at the end of a CFOP: 1-222222-333333-444444-activity.
- * What group or project will this account support? You can list your department and/or research group name working on this project.
- If this is a student account, then the student's department IT would support it.
- If this is a research account, then the researcher or a graduate student is supporting it.
- If this is a production service, then there will be a department team supporting it.
- * What data classification do you have for your project? For more information, see Data Classification. Regular auditing will occur on accounts to discover if sensitive data is stored in the account. If sensitive data is found in the account, the account will require additional safeguards applied to the account, and/or the possible shutdown of the account. Here is a brief description of the data classification categories.
- Government restricted: Controlled Unclassified Information (CUI) and other National Security Information (NSI) data classifications.
- High Risk: Highly sensitive data includes, but is not limited to, information such as credit card data, social security numbers, driver’s license numbers, and medical records.
- Sensitive: Sensitive data includes, but is not limited to, information such as student (FERPA) protected data and information covered by Non-Disclosure Agreements.
- Internal: Internal Data includes, but is not limited to, information such as research data prior to publication.
- Public: Information that is classified as public information can be freely shared with the public and posted on publicly viewable web pages.
- * Funding source: Are you, or your funding source, in the Grainger College of Engineering? Yes/No
- * Will you need a Public S3 bucket for webpage content? Yes/No
- * Email alert threshold for monthly expenses? The Cloud Operations team will create a default monthly budget with email messages being sent once the budget reaches 80%. If desired, you can later edit the parameters for your budget in AWS Budgets.
- Additional email addresses for budget alerts. (Optional) Multiple emails may be entered separated by spaces.
- Estimated total AWS budget. (Optional)
- Estimated project end date. (Optional)
- * Is this a grant funded project? Yes/No
- * Is this account used for a course? Yes/No
- * Which AWS Regions do you expect to use? Do you expect to work in US-only Regions, or in other regions combined with US Regions located in South America, Europe-Middle East-Africa, or Asia Pacific? AWS offers services in multiple regions and edge locations. For more information, see AWS Regions. The choices are US-only regions or All regions.
- Do you have any specific requirements or other information about the account? (Optional) You can provide additional notes.
AWS is responsible for the following:
- Helping customers with design and implementation.
- Ensuring AWS service availability.
- Communicating and documenting service issues.
- Communicating and documenting service offerings.
- Providing support for escalated issues.
- Creating/deleting subscriptions.
- Re-billing for subscription charges.
- Helping customers with design and implementation.
- Escalating issues to AWS.
- Communicating about large issues or changes to AWS that could impact customers.
- Paying for the usage consumed within your AWS account.
- Monitoring usage for appropriate as well as unauthorized access, and to prevent unexpected costs from being incurred.
- Provisioning and de-provisioning resources within your AWS account.
- Securing access to their AWS account per university requirements, policies, and standards, and as appropriate to the system risk level. Risk level can be determined using the Risk Level questionnaire. Risk level takes into account both business process criticality and data classification.
- Securing the resources within their AWS account per university requirements, policies, and standards, and as appropriate to the system risk level.
- Ensuring that data is stored, processed, transmitted, and accessed per university requirements, policies, and standards, and as appropriate to the system risk level.
- Use the AWS account exclusively for University business in accordance with University policies pursuant to the State of Illinois Code of Personal Conduct.
- Ensuring the latest security updates are applied to virtual machines and other resources through a regular maintenance schedule.
- Designing the objects in your AWS account to meet applicable regulatory requirements.
- Staying up to date on changes made by AWS to AWS products.