By default when you create an AWS account, you need to create user accounts (called IAM Users) to use provisioned AWS services, for example Amazon S3 or Amazon EC2… These permissions are also very specific and minimal (least privilige) according to actions, Region and resources…
For some organizations where users are managed at Microsoft AD but still want to take advantage of this list of users to log in to use AWS without having to create additional independent users by organization and account AWS. AWS supports this feature called IAM Federation.
Create an AWS account, please refer to the lab CREATE A FIRST AWS ACCOUNT