You are currently viewing content for use with Unity game engine software. See all AWS GameKit documentation
Get your AWS security credentials
Summary
AWS GameKit users must have an AWS account and security credentials to use the plugin. This topic helps plugin users or AWS account administrators get credentials for an AWS user.
AWS GameKit users must sign in to the plugin with their AWS user security credentials. These credentials authorize a user's programmatic access to AWS so that they can create and manage their game's cloud backend directly from the plugin.
Use the following procedures to get security credentials for an existing AWS user. To create new users with AWS GameKit access, see Set up AWS account for AWS GameKit.
Retrieve security credentials
AWS users must store security credentials locally. Look for your existing security credentials in the following locations:
-
For AWS users created with the
create_IAM_user.py
script (included in the AWS GameKit plugin download), the script generates security credentials for the user and saves them to[username]_credentials.txt
file. If you ran the script, the file is saved to your local machine in the directory...\policies\
. -
When generating security credentials through the AWS Management Console, you can download the credentials to a local file named
.<user name>
_accessKeys.csv -
If you've used your credentials with the AWS GameKit plugin or other AWS programmatic tools, they may be saved to your home directory (for example:
C:\Users\
).<user ID>
\.aws\credentials
Generate new security credentials
If you don’t have valid security credentials, or you've lost your existing credentials, follow these instructions to create new ones for your AWS user.
Note
For AWS users created with the create_IAM_user
script (included in the
AWS GameKit plugin download), use the instructions for the AWS Identity and Access Management (IAM) user type. You
can get short-term or long-term access keys for these users.
Users need programmatic access if they want to interact with AWS outside of the AWS Management Console. The way to grant programmatic access depends on the type of user that's accessing AWS.
To grant users programmatic access, choose one of the following options.
Which user needs programmatic access? | To | By |
---|---|---|
Workforce identity (Users managed in IAM Identity Center) |
Use temporary credentials to sign programmatic requests to the AWS CLI, AWS SDKs, or AWS APIs. |
Following the instructions for the interface that you want to use.
|
IAM | Use temporary credentials to sign programmatic requests to the AWS CLI, AWS SDKs, or AWS APIs. | Following the instructions in Using temporary credentials with AWS resources in the IAM User Guide. |
IAM | (Not recommended) Use long-term credentials to sign programmatic requests to the AWS CLI, AWS SDKs, or AWS APIs. |
Following the instructions for the interface that you want to use.
|
Securing credentials with the AWS GameKit plugin
It's safe to enter your AWS account credentials into the AWS GameKit plugin. AWS GameKit never stores your credentials with your game project or in the AWS GameKit configuration files. Credentials are never included in game distributables.
The AWS GameKit plugin asks for your AWS credentials during set up for your game project. By default, your credentials are cached locally so you don't need to re-enter them. You can enter different credentials at any time, such as when switching environments.
Tips for protecting your credentials with AWS GameKit:
Don't download the AWS GameKit plugin from anywhere other than an official source.
Don't enter credentials in your game code, even in test code for convenience.
Avoid storing credentials locally in files that are shared. The AWS GameKit plugin option "Store my credentials" saves your credentials to your home directory (
~/.aws/credentials
). This standard location is used by other AWS tools.
Related AWS topics
Understanding and Getting your AWS credentials, Programmatic access, AWS General Reference
Best practices for managing AWS access keys, AWS General Reference
Where are configuration settings/credential information stored?, AWS Command Line Interface User Guide