aws-client-auth

Creates an authenticated client which is allowed to use the selected service REST API. The following is the application class diagram:

📝 You need to set up your AWS user's security credentials to be able to use the service REST API.

You do this by creating a file named credentials in the ~/.aws/ on Mac (*C:\Users\USER_NAME.aws* on Windows) and saving the following lines in the file:

[default]
	aws_access_key_id = your access key
	aws_secret_access_key = your secret key

For more information, see Providing AWS Credentials in the AWS SDK for Java and Welcome to Identity and Access Management.

🚨 To avoid accidental leakage of your credentials, DO NOT keep the credentials file in your source directory.

📝 At his time the application only provides authentication for EC2 and S3. New service authentication will be added.

Create AWS Access Credentials

To access Amazon Web Services, you need an AWS account and AWS credentials. To increase the security of your AWS account, it is recommended to use an Identity Access Management (IAM) user to provide access credentials instead of using your root account credentials.

Create IAM User Group

1. In the AWS dashboard click on Services.
2. In the Security, Identity & Compliance section, select IAM.
3. In the left pane, select the Groups menu item.
4. In the upper left click the Create New Group button.
5. Enter the name of the group.
6. Select the Permissions if any you want to apply to the entire group.
   For instance AmazonEC2 FullAccess, We recommend you do not assign any permission, assign them on user's basis instead.
7. Click the Next Step button.
8. Review the group info, then click the Create Group button.

Create Access and Secret Keys

1. In the AWS dashboard click on Services.
2. In the Security, Identity & Compliance section, select IAM.
3. In the left pane, select the Users menu item.
4. In the upper left, click thje Add user button.
5. In the User name box enter the name of your choosing.
6. In the Access type section, check mark the Programmatic access box.
   This enable access key ID and secret access key  for the AWS API, CLI, SDK, and other development tools.
7. Click the Next Permissions button.
8. At this point, you can add the user to an existing group (or create a new group).
9. Select the group for the user.
10. Click the Next Review button.
11. Click the Create user button.
12. In the bottom right, click the Close button.
13. Click on the name of the user you just created.
14. Click the Add permissions button.
15. Select the Attach existing policies button.
16. Search for one or more policy types you want to attach.
17. Check mark the box on the left of the policy names.
18. Click the Next Review button.
19. Click the Add permissions
button.
20. Click the Security credentials tab.
21. Click the Create access key button.
22. In the pop-up window, click the Donwload.csv file button. 
23. This downloads the accessKeys.csv file which contains the access key ID and secret access key to use in the credentials file.
24. Click the Close button.

---

Usage

In your client application follow these steps:

• Instantiate the AuthenticateAwsServiceClient class.
• Obtain the authenticated client.

The following is an example:

	// Instantiate the AuthenticateAwsServiceClient class. 
	AuthenticateAwsServiceClient authClient = 
	new AuthenticateAwsServiceClient();
			
	// Get the authenticated client. 
	ec2Client = authClient.getAuthenticatedS3Client(currentRegion);

📝 When you build your client application, assure that you add this aws-client-auth program in your client application program path.

References

• Set up AWS Credentials for Development
• Getting Started with the AWS SDK for Java
• Java Development Blog