Step 3: Create an Amazon Run As account - Amazon Elastic Compute Cloud
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Step 3: Create an Amazon Run As account

You must set up credentials that grant Amazon Management Pack access to your Amazon resources.

To create an Amazon Run As account

  1. We recommend that you create an IAM user with the minimum access rights required (for example, the ReadOnlyAccess Amazon managed policy works in most cases). You'll need the access keys (access key ID and secret access key) for this user to complete this procedure. For more information, see Administering Access Keys for IAM Users in the IAM User Guide.

    Users need programmatic access if they want to interact with Amazon outside of the Amazon Web Services Management Console. The Amazon APIs and the Amazon Command Line Interface require access keys. Whenever possible, create temporary credentials that consist of an access key ID, a secret access key, and a security token that indicates when the credentials expire.

    To grant users programmatic access, choose one of the following options.

    Which user needs programmatic access? To By
    IAM Use short-term credentials to sign programmatic requests to the Amazon CLI or Amazon APIs (directly or by using the Amazon SDKs). Following the instructions in Using temporary credentials with Amazon resources in the IAM User Guide.
    IAM

    (Not recommended)

    Use long-term credentials to sign programmatic requests to the Amazon CLI or Amazon APIs (directly or by using the Amazon SDKs).    		 Following the instructions in Managing access keys for IAM users in the IAM User Guide.

  2. In the Operations console, on the Go menu, click Administration.

  3. In the Administration workspace, expand the Run As Configuration node, and then select Accounts.

  4. Right-click the Accounts pane, and then click Create Run As Account.

  5. In the Create Run As Account Wizard, on the General Properties page, in the Run As account type list, select Basic Authentication.

  6. Enter a display name (for example, "My IAM Account") and a description, and then click Next.

    Configuring an Amazon Run As account.

  7. On the Credentials page, enter the access key ID in the Account name box and the secret access key in the Password box, and then click Next.

    Storing the access key ID and secret access key.

  8. On the Distribution Security page, select More secure - I want to manually select the computers to which the credentials will be distributed, and then click Create.

    Distribution security option.

  9. Click Close.

  10. In the list of accounts, select the account that you just created.

  11. In the Actions pane, click Properties.

  12. In the Properties dialog box, verify that the More Secure option is selected and that all management servers to be used to monitor your Amazon resources are listed.

    Management servers.