Seed needs your AWS IAM credentials to deploy your project on your behalf to your AWS account. There are two ways to get your credentials.
Note that, Seed does not need
AdministratorAccess to deploy your application. It only needs a restricted set of permissions in addition to the ones required by Serverless Framework. You can read more about this in the Customizing your IAM Policy chapter.
1. Your Existing Credentials
This is the quickest way to get your IAM credentials. If you have run the
serverless deploy command in your terminal; you have probably configured your AWS CLI. And the IAM credentials are stored in
~/.aws/credentials. By running the following:
$ cat ~/.aws/credentials
The format of this looks something like this:
[default] aws_access_key_id = AKABCDEFGHIJ72LMNOPQ aws_secret_access_key = 7r0uzfABCDefgh11234567ijklmnop09875quwzs
aws_access_key_id is your IAM Access Key and
aws_secret_access_key is your IAM Secret Key.
While it is easy to get your existing credentials, it is better to create it from scratch. This gives you better control over what permissions are granted to Seed.
2. Create New Credentials
Log in to your AWS Console and select IAM from the list of services.
Select Add User.
Enter a User name and check Programmatic access, then select Next: Permissions.
This account will be used by Seed. It will be connecting to the AWS API directly and will not be using the Management Console.
Select Attach existing policies directly.
Here you can hit Create policy to provide a custom IAM policy based on the permissions your project needs. You can do this by following the instructions in the Customizing your IAM Policy chapter.
But if you are just looking for a quick way to test your project on Seed you can search for AdministratorAccess and select the policy, then select Next: Review. Note that, this is not recommended for apps that are being deployed to production.
Select Create user.
Select Show to reveal Secret access key.
Take a note of the Access key ID and Secret access key.
Use these as the IAM Access Key and the IAM Secret Key when you create your project.
If you have any questions or feedback feel free to contact us via email.