Setting up credentials for docker and AWS windows

Question

I'm attempting to set up a docker-machine on AWS from my computer and I want to use the ~/.aws/credentials file to connect and get going. I'm struggling to sort this out though. Can I check the structure of the credentials file.

I'm expecting to include the following text:

[default]
aws_access_key_id = key-pair-name-from-ec2-key-pair-list
aws_secret_access_key = <this is the bit I'm struggling with>

For the aws_secret_access_key do I need to include the contents of the .pem file which was downloaded when I created the key-pair, and if so then do I include the start and end comments and do I need to strip out the new lines?

I have tried to strip out the lines and strip out the comments but that didn't work, I have also tried to include just as is and again that didn't work. I've also tried the other option of preserving the new lines but removing the comments and again that didn't work.

Am I using the right secret here or is there something else that I should be doing. Is the [default] the correct thing to use or do I need to use [username]?

Answer 1

Key pairs are used only to connect to EC2 instances. To use AWS API's with CLI or any SDK, you have to obtain access key and secret. You can follow this steps to obtain them for your IAM user: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html#Using_CreateAccessKey

The best practice is to create a new user with only needed access rights and create a key for that user. And never expose AWS credentials to public domain.