Providing AWS credentials - AWS SDK for C++

Providing AWS credentials

To connect to any of the supported services with the AWS SDK for C++, you must provide AWS credentials. The AWS SDKs and CLIs use provider chains to look for AWS credentials in several different places, including system/user environment variables and local AWS configuration files. For details, see Credentials Providers in the aws-sdk-cpp repository in GitHub.

Create an AWS account and administrator user

  1. Create an account.

    To create an AWS account, see How do I create and activate a new AWS account?

  2. Create an administrative user.

    Avoid using your root user account (the initial account you create) to access the AWS Management Console and services. Instead, create an administrative user account, as explained in Creating your first IAM admin user and group.

    After you create the administrative user account and record the login details, sign out of your root user account and sign back in using the administrative account.

Create AWS credentials and a profile

To use the SDK, create an AWS Identity and Access Management (IAM) user and obtain credentials for that user. Then make them available to the SDK in your development environment by saving them to the AWS shared credentials file.

To create and use credentials

  1. Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/.

  2. Choose Users, and then choose Add user.

  3. Enter a user name. For this tutorial, we'll use SdkUser.

  4. Under Select AWS access type, select Programmatic access, and then choose Next: Permissions.

  5. Choose Attach existing policies directly.

  6. In Search, enter s3, and then select AmazonS3FullAccess.

  7. Choose Next: Tags, Next: Review, and Create user.

  8. On the Success screen, choose Download .csv.

    The downloaded file contains the Access Key ID and the Secret Access Key for this IAM user.

    Note

    You will not have another opportunity to download or copy the Secret Access Key.

  9. Treat your Secret Access Key as a password; save in a trusted location and do not share it.

    Warning

    Use appropriate security measures to keep these credentials safe and rotated.

  10. Create or open the AWS shared credentials file. This file is ~/.aws/credentials on Linux and macOS systems, and %USERPROFILE%\.aws\credentials on Windows.

  11. Add the following text to the AWS shared credentials file, but replace the example ID value and example key value with the ones you obtained earlier. Save the file. See Location of Credentials Files for more information.

    [default] aws_access_key_id = AKIAIOSFODNN7EXAMPLE aws_secret_access_key = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

The preceding procedure is the simplest of several possibilities for authentication and authorization. For other options, see below.

More information on user credentials

To explore other ways to provide credentials to SDKs, see the following: