Amazon IAM credentials - Amazon Toolkit for Visual Studio
Creating an IAM userCreating a credentials fileEditing IAM user credentials from the toolkitEditing IAM user credentials from a text editorCreating IAM users from the Amazon Command Line Interface (Amazon CLI)
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Amazon IAM credentials

Amazon IAM credentials authenticate with your Amazon account through locally stored access keys.

The following sections describe how to set up IAM credentials to authenticate with your Amazon account from the Amazon Toolkit for Visual Studio.

Important

Before setting up IAM credentials to authenticate with your Amazon account, note that:

  • If you've already set IAM credentials through another Amazon service (such as the Amazon Amazon CLI), then the Amazon Toolkit for Visual Studio automatically detects those credentials.

  • Amazon recommends using Amazon IAM Identity Center authentication. For additional information about Amazon IAM best practices, see the Security best practice in IAM section of the Amazon Identity and Access Management User Guide.

  • To avoid security risks, don't use IAM users for authentication when developing purpose-built software or working with real data. Instead, use federation with an identity provider such as Amazon IAM Identity Center. For more information see the What is IAM Identity Center? in the Amazon IAM Identity Center User Guide.

Creating an IAM user

Before you can set up the Amazon Toolkit for Visual Studio to authenticate with your Amazon account, you need to complete Step 1: Create your IAM user and Step 2: Get your access keys in the Authenticate using long-term credentials topic in the Amazon SDKs and Tools Reference Guide.

Note

Step 3: Update the shared credentials is optional.

If you complete Step 3, the Amazon Toolkit for Visual Studio automatically detects your credentials from the credentials file.

If you haven't completed Step 3, the Amazon Toolkit for Visual Studio walks you through the process of creating a credentials file as described in the Creating a credentials file from the Amazon Toolkit for Visual Studio section, located below.

Creating a credentials file

To add a user to or create a credentials file from the Amazon Toolkit for Visual Studio:

Note

When new user profile is added from the toolkit:

  • If a credentials file already exists, the new user information is added to the existing file.

  • If a credentials file doesn't exist a new file is created.

  1. From the Amazon Explorer choose New Account Profile icon to open the New Account Profile dialog.

  2. Complete the required fields in the New Account Profile dialog and choose the OK button to create the IAM user.

Editing IAM user credentials from the toolkit

To edit IAM user credentials from the toolkit, complete the following steps:

  1. From the Credentials drop-down in the Amazon Explorer, choose the IAM user credential you want to edit.

  2. Choose the Edit Profile icon to open the Edit Profile dialog.

  3. From the Edit Profile dialog complete your updates and choose the OK button to save your changes.

To delete IAM user credentials from the toolkit, complete the following steps:

  1. From the Credentials drop down in the Amazon Explorer, choose the IAM user credential you want to delete.

  2. Choose the Delete Profile icon to open the Delete Profile prompt.

  3. Confirm that you want to delete the profile to remove it from your Credentials file.

Important

Profiles that support advanced access features, such as IAM Identity Center or Multi-factor authentication (MFA) in the Edit Profile dialog, can't be edited from the Amazon Toolkit for Visual Studio. To make changes to these types of profiles, you must edit the credentials fileusing a text editor.

Editing IAM user credentials from a text editor

In addition to managing IAM users with the Amazon Toolkit for Visual Studio, you can edit credential files from your preferred text editor. The default location of the credential file in Windows is C:\Users\USERNAME\.aws\credentials.

For more details on the location and structure of credential files, see the Shared config and credentials files section of the Amazon SDKs and Tools Reference guide.

Creating IAM users from the Amazon Command Line Interface (Amazon CLI)

The Amazon CLI is another tool you can use to create an IAM user in the credentials file, using the command aws configure.

For detailed information about creating IAM users from the Amazon CLI see the Configuring the Amazon CLI topics in the Amazon CLI User Guide.

The Toolkit for Visual Studio supports the following configuration properties:

aws_access_key_id
aws_secret_access_key
aws_session_token
credential_process
credential_source
external_id
mfa_serial
role_arn
role_session_name
source_profile
sso_account_id
sso_region
sso_role_name
sso_start_url