API Credentials for Amazon Lightsail

Guide to obtaining tokens, keys, and connections.

To connect to the Amazon Lightsail API you need three pieces of information: the “Availability Zone” (the AWS region where you will use SES) and two security credentials: the “Access Key ID” (credential key) and the “Secret Access Key” (credential secret). Below you will find step-by-step instructions on how to obtain each of them from the AWS web console.

Availability Zone (SES Region)

  1. 1

    Log in to the AWS Console with your root account or an IAM user that has permission to use SES.

  2. 2

    In the top bar, click the region selector (it usually shows a name like “N. Virginia (us-east-1)”).

  3. 3

    From the drop-down list, locate and note the region where you want to use Amazon SES (for example “US East (N. Virginia) us-east-1” or “Asia Pacific (Tokyo) ap-northeast-1”).

  4. 4

    When configuring your application or SES API calls, add the specific Availability Zone letter if required (e.g., “us-east-1a”). In many cases using just the region (without the “a”, “b”, etc.) is sufficient.

Access Key ID (credential key)

  1. 1

    In the AWS Console, click your account name (upper right) and choose “Security Credentials.”

  2. 2

    Expand the “Access Keys (Access Key ID and Secret Access Key)” section. You will see a list of existing keys or an empty list if you have never created one.

  3. 3

    Click “Create New Access Key.” AWS will display a box with your new Access Key ID and a button to download a .csv file.

  4. 4

    Download the .csv file and store it in a safe place—it contains both the Access Key ID and the Secret Access Key.

  5. 5

    The Access Key ID is the first column of the .csv file. Copy it: this will be your “credential key.”

Secret Access Key (credential secret)

  1. 1

    Use the same .csv file downloaded in the previous step.

  2. 2

    The second column of the .csv file is the Secret Access Key; copy it and store it in a secure password manager. This is the only time you will be able to view it.

  3. 3

    When coding your application, supply the Access Key ID and Secret Access Key via environment variables or a configuration file that is not committed to your source code.

  4. 4

    Follow best practices: rotate keys periodically and delete any that you no longer use.