Create an AWS policy and AWS API Access Key

Register AWS Policy, create User and API Credentials


You’ll need an existing or new Amazon Web Services (AWS) account. For more information, read this article on how do I create and activate a new Amazon Web Services account? in AWS’ documentation.


To deploy a cluster in your AWS account with Kublr, you’ll need to create an AWS policy and AWS API Access Key. All cluster resources (e.g. nodes) are created in your AWS account through the AWS API and will be managed by Kublr.

Use your AWS root account credential to sign in to the AWS Management Console. If you previously signed into the console with your IAM user credentials, your browser may open the IAM user sign-in page. To avoid that, choose sign in using your root account credentials to access the AWS account sign-in page.

Create an AWS Security Policy for Kublr’s API Access

  1. IAM console: choose Policies in the navigation column on the left.
  2. At the top of the page, choose Create Policy. Create Policy
  3. On the Create Policy page select JSON tab.
  4. In the Policy Document section, enter this policy profile Create Your Own Policy
  5. Click Review Policy.
  6. Enter the Policy Name.
  7. Click Create Policy to generate the policy.

Policy should be created. Create Your Own Policy

Create AWS User with Programmatic Access

  1. Choose Users in the navigation column on the left.
  2. At the top of the page, select Add User Add User
  3. Enter your username and select Programmatic Access.
  4. Click Next Permissions.
  5. Select Attach Existing Policy Directly Attach Existing Policy
  6. Select the policy you generated. Select the policy
  7. Click Next Review.
  8. Click Create User. Select the policy
  9. Copy Access Key ID and click Show to copy Secret access key. Or Download it. Note: This is the only time you can copy Secret access key for this Access Key ID.
  10. Click Close button. User is presented in the list.

Create a new AWS Access Key for existing user

  1. On the top right of the console, click on your account name or number. Then choose My Security Credentials.
  2. IAM console: choose Users in the navigation column on the left.
  3. Select User name in the list and clcik it.
  4. Open Security Credentials tab.
  5. Choose Create New Access Key. Create New Access Key Create New Access Key Success