
API Credentials for Amazon Lightsail
Guide to obtaining tokens, keys, and connections.
To connect to the Amazon Lightsail API you need three pieces of information: the “Availability Zone” (the AWS region where you will use SES) and two security credentials: the “Access Key ID” (credential key) and the “Secret Access Key” (credential secret). Below you will find step-by-step instructions on how to obtain each of them from the AWS web console.
Availability Zone (SES Region)
-
1
Log in to the AWS Console with your root account or an IAM user that has permission to use SES.
-
2
In the top bar, click the region selector (it usually shows a name like “N. Virginia (us-east-1)”).
-
3
From the drop-down list, locate and note the region where you want to use Amazon SES (for example “US East (N. Virginia) us-east-1” or “Asia Pacific (Tokyo) ap-northeast-1”).
-
4
When configuring your application or SES API calls, add the specific Availability Zone letter if required (e.g., “us-east-1a”). In many cases using just the region (without the “a”, “b”, etc.) is sufficient.
Access Key ID (credential key)
-
1
In the AWS Console, click your account name (upper right) and choose “Security Credentials.”
-
2
Expand the “Access Keys (Access Key ID and Secret Access Key)” section. You will see a list of existing keys or an empty list if you have never created one.
-
3
Click “Create New Access Key.” AWS will display a box with your new Access Key ID and a button to download a .csv file.
-
4
Download the .csv file and store it in a safe place—it contains both the Access Key ID and the Secret Access Key.
-
5
The Access Key ID is the first column of the .csv file. Copy it: this will be your “credential key.”
Secret Access Key (credential secret)
-
1
Use the same .csv file downloaded in the previous step.
-
2
The second column of the .csv file is the Secret Access Key; copy it and store it in a secure password manager. This is the only time you will be able to view it.
-
3
When coding your application, supply the Access Key ID and Secret Access Key via environment variables or a configuration file that is not committed to your source code.
-
4
Follow best practices: rotate keys periodically and delete any that you no longer use.