How To Generate AWS API Key


The process to configure your application to access AWS, requires to generate an AWS API Key and configure your application to use the AWS API Key. It is recommended to create an IAM user and assign only required permissions.

Open your AWS Console and then search for IAM (Identity and Access Management).

Click on Users (left panel) and then click on the Add User button.

Step 1: type a user name and then click on the Programmatic access checkbox .


Step 2: click the Attach existing policies directly button. There are several ways to make this. You can create your own policies or use groups. This is simple, secure and easy way.

Then select the proper policy for your application.

Step 2.1. Read Only Access (AWS Inventory, AWS Snapshot Manager):

If the application only generate reports, such AWS Inventory, the ReadOnlyAccess policy is enough and it will work for all AWS services.


Also, you can narrow the policy to specific AWS Services, such AmazonEC2ReadOnlyAccess policy.


Step 2.2. Full Access (Move EC2, Migrate RDS):

If the application will update or manage multiple AWS services, select the AdministratorAccess policy.


Step 2.3. Full Service Access Only:

If the application will update or manipulate one single AWS service, for example, the RDS service, select only the FullAccess policy for only the service, in this case AmazonRDSFullAccess policy.

Be careful with this option because mostly of application will use multiple services (Network, IAM, etc ) and they will fail.


Step 3: Add optional tags, in you want.


Step 4: Review the user settings and then click on the Create User button.


Step 5: Copy the AWS Access Key and AWS Secret Key and store in secure place.


Click here to configure your application to use the AWS API Key.