Identity and Access Management (IAM) users determine which services can access the content in your S3 bucket. Each user has three important components: an Access Key ID, a Secret Access Key, and a Policy. You created two policies in the previous step of this guide, one for CloudCannon and one for imgix.
Any software with the Access Key ID and Secret Access Key of an S3 user will be allowed to access the assets in your S3 DAM according to that user’s policies. You can view the Access Key ID for your S3 users any time, but the Secret Access Key is only visible during user creation.
Take note of your Access Key IDs and Secret Access Keys for each user. Once you leave the Create user page, you cannot view the secret key again. You can recreate your Access Key ID and Secret Access Key if you lose it. You can have a maximum of two access keys per user.
In this step, you will create two users and attach a policy to each.
- Open the AWS console and navigate to IAM under the Security, Identity, & Compliance section in the main menu.
- Navigate to Users under Access management.
- Click the Add Users button.
- Name the user “CloudCannon-to-S3”.
- Set the AWS credential type as” Access key - Programmatic access”.
- Click the Next: Permissions button.
- Click Attach existing policies directly and select the “CloudCannon Access Policy” policy you created earlier.
- Click the Next: Tags button, then the Next: Review button.
- Click Create user.
- Repeat steps 3 to 9 to create a second user. Name the user “S3-to-imgix” and select the “imgix Access Policy” you created earlier.