Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

how to generate Access key & secret key for AWS roles

I want to manage the my AWS environment using PowerShell. We are getting access through IAM roles. I am facing trouble to generate the Access key & secret key for my IAM role. Can someone guide me how can i generate these keys.

like image 757
Avinash Jaiswal Avatar asked Jan 16 '18 04:01

Avinash Jaiswal


People also ask

Where do I get my AWS access key?

You can see the AWS secret access key only once immediately after creating. So, in order to get a secret key, you will need to create a new one. 4 To generate new access keys, click the Create New Access Key button. 5 Click Show Access Key to have it displayed on the screen.

How do I get the IAM role access key?

If your goal is to generate IAM access keys for a new user, login to the AWS console, go to IAM, go to users, Add User, click "Programmatic access", then Set permissions for the user and finish by creating the user. On the next screen will be the access keys.

What is access key ID and secret key?

Access Keys are used to sign the requests you send to Amazon S3. Like the Username/Password pair you use to access your AWS Management Console, Access Key Id and Secret Access Key are used for programmatic (API) access to AWS services. You can manage your Access Keys in AWS Management Console.


2 Answers

An IAM Role can only be used by an IAM User. This is because the User needs to authenticate to AWS to prove that they are that user. This will then provide IAM User credentials.

If you then wish to use a role, you can use the User credentials to call Use-STSRole, which will assume the role and return a set of credentials associated with the Role. (Note: The credentials will expire after a period of time, typically one hour.)

For more details, see: Switching to an IAM Role (Tools for Windows PowerShell)

like image 114
John Rotenstein Avatar answered Sep 20 '22 13:09

John Rotenstein


You do not generate IAM Access Key / Secret Key for roles. AWS generates these for you and makes them available in the instance's metadata.

The AWS Tools for Windows PowerShell will automatically extract the access key / secret key from the instance's metadata if you have installed PowerShell and the AWS Tools correctly.

This link will provide more information about PowerShell and IAM Roles:

IAM Roles for EC2

[Update after new comment]

If your goal is to generate IAM access keys for a new user, login to the AWS console, go to IAM, go to users, Add User, click "Programmatic access", then Set permissions for the user and finish by creating the user. On the next screen will be the access keys. You need to download (or copy) the Secret access key as it will NOT be shown again.

For an existing user, click on the user, click on the "Security credentials" tab, then click the "Create access key" button. Copy or download the keys. Note: You cannot access previously created access keys. If you have lost the secret access key, then you have to generate new ones.

Managing Access Keys for Your AWS Account

like image 29
John Hanley Avatar answered Sep 18 '22 13:09

John Hanley