API Setup: Amazon Web Services (AWS)

In the AWS web console, head to Identity and Access Management. Select Users and Create a User with an appropriate name. This user will serve as a service account. Ensure "Provide user access to the AWS Management Console" is unselected. Proceed next one this is done.

In the "Set permissions" step, ensure that AmazonEC2FullAccess, AWSCloudTrail_ReadOnlyAccess, AWSPriceListServiceFullAccess policies are applied and click Next.

• EC2 permissions are required for syncing, starting and stopping machines

• Cloud Trail permissions are required for extracting information about which user last modified a machine

• Price List permissions is for fetching accurate machine cost data

Double check that the correct policies have been applied and select Create User. A message saying "User created successfully" should appear.

On the IAM Users page, select the newly created user on the user list, navigate to the Security credentials tab and then scroll down to Access keys.

Select "Create access key" and then "Third party service". AWS provides a warning about creating long-lived access key tokens - accept the warning and continue by clicking "Next". You can use a tag to describe the access key that's being created if required. Once done, click "Create access key".

Your Access Key and Secret Access Key will be displayed. Please note that these will only ever be displayed on this page once, so save/copy them to a secure location (e.g. password/key manager).

These values can then be entered on the API Keys page on Control Plane.