Generate a IAM Access Key Pair for Amazon Web Services
Whether you’re looking to upload files to Amazon S3, launch an EC2 instance or query a table in DynamoDB, Amazon Web Services offers the ability to do so easily thanks to its robust API.
In order to access Amazon Web Services API, you’ll need to supply it with valid credentials. In their list of best practices for identity and access management, Amazon recommends creating individual users with their own unique set of security credentials as opposed to using your root user’s credentials.
In this guide I’ll show you how to create a new user in the Amazon Web Services Identify and Access Management Console, assign it specific access privileges and generate a key pair for it.
Log into Amazon Web Services
Log into the AWS Management Console.
IAM Management Console
After you’ve logged in, you’ll next need to navigate to the IAM Management Console.
On the top navigation menubar click the Services link.
From the drop-down list, select IAM which is located within the Security, Identity & Compliance section.
Next you’ll create the IAM user who you will generate a access key for.
On the navigation bar click the users link.
Click the add user button.
Enter your desired user name into the user name field.
For access type select the programmatic access option. This step is important as otherwise your user won’t have access via a key pair.
Click the create group button.
Now you’ll need to determine what access your user will have.
For this example, I’ll show you how to assign your user full access privileges to Amazon S3. If your user requires a different access policy, you can select it accordingly.
Name it S3AccessFull.
For the policy filter put S3 and select the AmazonS3FullAccess policy.
Click the blue create group button.
Next you’ll be able to review your choices and then create the user.
After you create the user, you’ll now see the access key information for it.
Make sure to store your key pair’s information. Either save the CSV file, or copy down the information now, as it will only be displayed once. If you misplace this information, you’ll have to delete the key and generate a new one.
Are you planning on doing something cool with AWS? Did you have trouble with one of the steps? Let us know in the comments below.