Itβs a container for identities (users) and resources.
Every account has a root user
Account has an account payment method that is billed when paid resources are consumed.
Accounts can contain the impact of admin errors or exploits by bad actors.
Itβs recommended to use separate accounts for separate things (dev, test, prod), or teams, or products, or clients.
By default all access to an AWS account and resources is denied except for the root user.
