AWS provides two types of access – AWS Management Console and Programmatic Access. This access is provided by the user creator at the time of creating the user account and can also be modified later.While the management console requires the use of a password, the programmatic access requires the AWS access key.
The programmatic access requires the use of Access keys. Access keys consist of an access key ID and secret access key, which are used to sign programmatic requests that you make to AWS. If you don’t have access keys, you or your admin can create them from the AWS Management Console.
The only time that you can view or download the secret access key is when you create the keys. You cannot recover them later. However, you can create new access keys at any time. You must also have permissions to perform the required IAM actions. For more information, see Permissions Required to Access IAM Resources in the IAM User Guide.
Create access keys for an IAM user:
Let us now look into the steps to create the access keys for an IAM user. The steps are very easy. All you need to do is follow through this guide.
1) Sign in to the AWS Management Console and open the IAM console
Click on this link – https://console.aws.amazon.com/iam/ . This will open the AWS Management console and take you to the IAM console.
2) In the navigation pane, choose Users
On the left side of the IAM console, click on the option “Users”.
3) Choose the name of the user whose access keys you want to create, and then choose the Security credentials tab.
In this example, I want to create the access key for the user named “vivek”. So, I click on “Vivek”.
Once I click on the iser, I can see the summary of the user account. Inside this user account, I have the option “Security credentials”
4) In the Access keys section, choose Create access key
Inside the “Security credentials” tab, there is an option to “Create access key” for the user. Clicking on the option creates a new pair of access keys for the user.
To view the new access key pair, choose Show. You will not have access to the secret access key again after this dialog box closes. Your credentials will look something like this:
- Access key ID: AKIAIOSFODNN7EXAMPLE
- Secret access key: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
To download the key pair, choose Download .csv file. Store the keys in a secure location. You will not have access to the secret access key again after this dialog box closes.
Things to pay attention to:
- You will not have access to the secret access key again after this dialog box closes.
- As a best practice, do not use the AWS account root user access keys for any task where it’s not required. Instead, create a new administrator IAM user with access keys for yourself.
- Keep the keys confidential in order to protect your AWS account and never email them.
- Do not share them outside your organization, even if an inquiry appears to come from AWS or Amazon.com. No one who legitimately represents Amazon will ever ask you for your secret key.
After you download the .csv file, choose Close. When you create an access key, the key pair is active by default, and you can use the pair right away.
Vivek is a Senior Embedded Engineer at Robert Bosch. He has been working on Embedded Systems for the past 10 years. He loves to share his knowledge and train those who are interested. Nerdyelectronics.com was started out of this interest.