AWS Access Credentials - Access Keys

Follow

To use Cloudmgr and many other 3rd party tools in the AWS Eco System you are required to supply the Access Keys to the application. This allows the application to talk to AWS in a secure way via the API (Application Programming Interface).

Cloudmgr requires your Account ID, Access Key ID and Secret Access Key

Access Keys in more detail

Access Keys

Your access keys are based on the idea of symmetric key cryptography. We recommend you take a few minutes to familiarize yourself with it to help you understand how AWS uses your access keys to secure your requests. For more information about symmetric key cryptography, go to http://en.wikipedia.org/wiki/Symmetric-key_algorithm.

Purpose Making requests to AWS product REST or Query APIs.

You might be using a third-party product such as S3Fox that requires your access keys (because the product itself makes AWS requests for you).

Although access keys are primarily used for REST or Query APIs, Amazon S3 and Amazon Mechanical Turk also use access keys with their SOAP APIs.
Getting Them AWS provides them on the Access Keys tab on the AWS Security Credentials page.
Replacing Them For security purposes, we recommend you change your access keys every 90 days. For more information, see Access Credential Rotation.
Parts & Usage
    • Access Key ID—Your Access Key ID identifies you as the party responsible for service requests. You include it in each request, so it's not a secret.

  • Secret Access Key—Each Access Key ID has a Secret Access Key associated with it. This key is just a long string of characters (and not a file) that you use to calculate the digital signature that you include in the request. Your Secret Access Key is a secret, and only you and AWS should have it. Don't e-mail it to anyone, include it any AWS requests, or post it on the AWS Discussion Forums. No authorized person from AWS will ever ask for your Secret Access Key.

When you create a request, you create a digital signature with your secret key and include it in the request along with your Access Key ID. When we get the request, we use your Access Key ID to look up the corresponding Secret Access Key. We use the key to validate the signature and confirm that you're the request sender.

 

Have more questions? Submit a request

Comments

Powered by Zendesk