Specify your credentials and default Region
Before you make an API call using the AWS SDK for Rust (the SDK), you must first obtain credentials and put them where the SDK can find them. You also need to specify the correct AWS Region. There are several ways to do this, depending on your use case and needs.
Provide credentials to the SDK
Two values comprise credentials: an access key ID and a secret access key. If you haven't created these two values, see the Get started with the AWS SDK for Rust topic for information about retrieving your credentials.
Note
Avoid using a stored access key ID and secret access key as long-term credentials. Instead, your application should use a service such as Amazon Cognito to obtain a temporary access key ID and secret access key. Then, use them to create a static credential provider to use when creating your service objects.
Once you have your credentials, make sure the SDK can retrieve them from one of the following locations. It will search these locations for credentials and will use the first ones it finds.
-
In the environment variables
AWS_ACCESS_KEY_ID
andAWS_SECRET_ACCESS_KEY
-
In Web Identity Token credentials from the environment or container (including Amazon EKS)
-
As entries in the
credentials
file in the.aws
directory in your home directory (~/.aws/credentials
on Linux, macOS, and Unix;%userprofile%\.aws\credentials
on Microsoft Windows):[default] aws_access_key_id=YOUR-ACCESS-KEY aws_secret_access_key=YOUR-SECRET-KEY
-
Using a named profile specified in the
credentials
file via theAWS_PROFILE
environment variable -
From the EC2 Instance Metadata Service (IAM Roles attached to an instance)
Specify a Region
Because most resources reside in a specific AWS Region, you must supply the correct Region for the resource when using the SDK.
The SDK looks for Regions in a specific order, similar to how it looks for credentials. The SDK looks in the following order for a default Region:
-
In the environment variable
AWS_REGION
. -
As an entry in the
credentials
file in the.aws
directory in your home directory (~/.aws/credentials
on Linux, macOS, and Unix;%userprofile%\.aws\credentials
on Microsoft Windows):[default] region=YOUR-DEFAULT-REGION
-
As an entry in the
config
file in the.aws
directory in your home directory (~/.aws/config
on Linux, macOS, and Unix;%userprofile%\.aws\config
on Microsoft Windows):[default] region=YOUR-DEFAULT-REGION