AWS Toolkit - AWS Cloud9

AWS Toolkit

Why use the AWS Toolkit?

The AWS Toolkit is an extension for the AWS Cloud9 integrated development environment (IDE). This extension makes it easier for developers to access and work with a wide range of AWS services.


Support for the AWS Toolkit is provided as an integrated feature that's managed by AWS Cloud9. Currently, customers cannot customize the AWS Cloud9 IDE by installing third-party extensions.

At present, the following AWS services and resources can be accessed through the AWS Toolkit extension:


*The features provided by the AWS Toolkit for working with AWS Lambda functions and serverless applications replace the support previously provided in the Lambda section of the AWS Resources window. When it's enabled, the AWS Toolkit is your primary tool for working with Lambda functions, and the AWS Resources window isn't available.

Enabling AWS Toolkit

If the AWS Toolkit isn't available in your environment, you can enable it in the Preferences tab.

To enable the AWS Toolkit

  1. Choose AWS Cloud9, Preferences on the menu bar.

  2. On the Preferences tab, in the side navigation pane, choose AWS Settings.

  3. In the AWS Resources pane, turn on AWS AWS Toolkit so that it displays a check mark on a green background.

    When you enable the AWS Toolkit, the IDE refreshes to show the updated Enable AWS Toolkit setting and the AWS Toolkit option at the side of the IDE below the Environment option.

Managing access credentials for AWS Toolkit

AWS Toolkit allows you to interact with a wide range of AWS services, so you should ensure that the IAM entity that's used has the necessary permissions to interact with those services. The easiest way to obtain permissions is to use AWS managed temporary credentials, which work whenever an EC2 environment accesses an AWS service on behalf of an AWS entity (for example, an IAM user).

But if you've launched your development environment's EC2 instance into a private subnet, AWS managed temporary credentials aren't available. As an alternative, you can allow AWS Toolkit to access your AWS services by manually creating your own set of credentials called a profile. Profiles feature long-term credentials called access keys, which you can obtain from the IAM console.

Create a profile to provide access credential for AWS Toolkit

  1. To get your access keys (consisting of an access key ID and secret access key), go to the IAM console at

  2. Choose Users from the navigation bar and then choose your AWS user name (not the check box).

  3. Choose the Security credentials tab, and then choose Create access key.


    If you already have an access key but you can't access your secret key, make the old key inactive and create a new one.

  4. In the dialog box that shows your access key ID and secret access key, choose Download .csv file to store this information in a secure location.

  5. After you've downloaded your access keys, launch an AWS Cloud9 environment and start a terminal session by choosing Window, New Terminal.

  6. In the terminal window, run the following command:

    aws configure --profile toolkituser

    In this case, toolkituser is the profile name being used, but you can choose your own.

  7. At the command line, enter the AWS Access Key ID and AWS Secret Access Key that you previously downloaded from the IAM console.

    • For Default region name, specify an AWS Region (us-east-1, for example).

    • For Default output format, specify a file format (json, for example).


    For more information on the options when configuring a profile, see Configuration basics in the AWS Command Line Interface User Guide.

  8. After you've successfully created your profile, launch the AWS Toolkit, go to the AWS Toolkit menu, and choose Connect to AWS.

  9. For the Select an AWS credential profile field, choose the profile you've just created in the terminal (profile:toolkituser, for example).

If the selected profile contains valid access credentials, the AWS Explorer pane refreshes to display the AWS services that you can now access.

Identifying AWS Toolkit components

The screenshot below shows three key UI components of the AWS Toolkit:

        Labelled screenshot showing key UI components of the AWS Toolkit
  1. AWS Explorer window: Enables you to interact with the AWS services that are accessible through the Toolkit. You can toggle between showing and hiding the AWS Explorer using the AWS option at the left side of the IDE. For more about using this interface component and accessing AWS services for different AWS Regions, see Using AWS Explorer to work with services and resources in multiple AWS Regions.

  2. Toolkit menu: Allows you to manage connections to AWS, customize the display of the AWS Explorer window, create/deploy serverless applications, work with GitHub repositories, and access documentation. For more information, see Accessing and using the AWS Toolkit menu.

  3. AWS Configuration pane: Lets you customize the behavior of AWS services that you interact with using the Toolkit. For more information, see Modifying AWS Toolkit settings using the AWS Configuration pane.

Disabling AWS Toolkit

You can disable the AWS Toolkit in the Preferences tab.

To disable the AWS Toolkit

  1. Choose AWS Cloud9, Preferences on the menu bar.

  2. On the Preferences tab, in the side navigation pane, choose AWS Settings.

  3. In the AWS Resources pane, turn off AWS AWS Toolkit.

    When you disable the AWS Toolkit, the IDE refreshes to remove the AWS Toolkit option at the side of the IDE below the Environment option.

AWS Toolkit topics