Amazon Web Services access keys tutorial

Submitted by jon on Tue, 07/30/2013 - 11:43

Hello again. This is Jon Griffin. I just want to talk to you about a little change in your Amazon Web Services account that you may or may not have noticed. That is that your security credentials are changing. It's not that they're going away or anything has to change, but there are no longer going to show you, online, what your secret code is.

Amazon Web Services access keys

If you go to your security credentials, access keys, you'll see that we have one that I deleted that I just made. Here's my old one from 2008. What you're going to want to do is create a new root key. What's going to happen then, is it's going to pop up, “You have successfully created a new access key and secret key with ID, blah, blah, blah, blah, blah.” You can try and hack that. I'm going to delete it, so don't worry. “Please download your key file now, which contains your new access key ID and secret access key.” What that actually does, is gives you a CSV. You need to install it and you need to save it and you need to put it somewhere safe. They are no longer going to have a way, on the web, for you to find out what your secret key is.

Download your Amazon Web Services access keys

Assuming that you download it, here's what it will look like in Excel. You'll get AWS access key ID, which is this number. Then, you go right down there and it gives you your secret key. You'll have to, obviously, copy it like that. If you just want the access key, which isn't secret, is that one. This one is no longer any good, so don't bother to try and hack me. We'll close that down. I didn't download it, so it warned me to do that, but I'm going to delete it anyway, so it doesn't matter. We'll close that.

Be prepared for Amazon Web Services changes

What we have here is the one from 2008, which is what I've been using. It's like, "Oh crud. I forgot where that is." In the meantime, you can go click on this right here. Use the legacy security credentials and it's going to ask me to log in. Then, you'll notice at the top, “Please use the new page named your security credentials, blah, blah, blah. AWS will support the current page for a limited time.” Of course they don't tell you, but it's going to go away and it'll probably even be at an inopportune time. You might as well change that.

What we have here is there's my March 10th, 2008. Obviously, I can just click, show secret access key, which I won't. Here's the one that I just created, which I will show you, because I'm going to get rid of it. It says, "Store your secret access key in a secure location. You will not be able to get your secret access key after this page is removed." Basically, I would put it at least on your local machine.

Be careful where you save your Amazon Web Services access key information

If you want to, encrypt it and put it on Drop Box or some other place that is good. Don't put it on Amazon S3, because if you forget your access key, you're not going to be able to get on your S3, theoretically. Put it somewhere safe. If you need to encrypt it, that's fine. There's ways to do that. If you're really paranoid, you can put it on two or three different places. Generally, you don't need to change your access keys that much. You can see I've been using the same one. If you want to have up to two, that's what Amazon allows you.

I hope that helps and make sure that you keep these access keys safe and backed up.

Category