How to create AWS restricted credentials (example for s3)

1) Go to and create new user then press next

2) Set permissions for your user by Attach one or more existing policies directly and then press next

3) Check if everything is ok and press create user

4) All done, save your Access key ID and Secret access key

You can see all your credentials here (1 user = 1 credential)

Now you can use this credential and it will have access only for s3 operations, all other operations will fail to process (like creating EC2 instances).

It is good practice to use different (and restricted) credentials (that means different users, because 1 user = 1 credential) for different apps so you can always control all your AWS usage per app.

Additional reading: