Advantages of "Access key ID & Secret access key" over "Username and password"
I understand in AWS, "Access key ID & Secret access key" is similar to "Username and password".
While using/configuring CLI, "Access key ID & Secret access key" is saved in "credentials" file. So it is similar to saving "Username and password" in a plain text file.
In CLI, technically we can use only "Access key ID & Secret access key", but not "Username and password".
Apart from this, is there any advantages exists of using "Access key ID & Secret access key" over "Username and password" ?
Access keys are long-term credentials for an IAM user. You can use access keys to sign programmatic requests to the AWS CLI or AWS API (directly or using the AWS SDK).
As a best practice, use temporary security credentials (IAM roles) instead of access keys. Please refer to section "Use IAM roles instead of long-term access keys" in the following link for more details: https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html
It is a matter of what kind of access is needed. AWS requires different types of security credentials depending on how you access AWS. For example, you need a user name and password to sign in to the AWS Management Console and you need access keys to make programmatic calls to AWS or to use the AWS Command Line Interface or AWS Tools for PowerShell.
Additionally, You can also create and use temporary access keys, known as temporary security credentials. In addition to the access key ID and secret access key, temporary security credentials include a security token that you must send to AWS when you use temporary security credentials.
Hope this helps.
AWS requires different types of security credentials depending on how you access AWS. The article understanding and getting your AWS credentials explains the various types of credentials and covers username/password and programmatic credentials.
Relevant questions
Not able to connect with Tableau Desktop to Amazon Athena. Error: AA76601F
asked 6 months agoRotating the Old AWS Access Key, for a New AWS Access Key in WorkMail
Accepted Answerasked 5 months ago[MOVED] How to use openpgp card to store secret access key?
asked 4 months agoPassword/SSH based authentiaction for AWS CLI // authentication for AWS CLI without needing access keys
Accepted Answerasked 4 months agoClient XYZ is configured for secret but secret was not received
asked a month agoaws s3: AWS Access Key Id you provided does not exist in our records
asked 5 years agoRecording multiple RTSP streams h265 format using Gstreamer and kvssink
asked 8 months agoAdvantages of "Access key ID & Secret access key" over "Username and password"
asked 3 months agoI can't get my Cognito license
asked 8 days agoIs it safe to give my AWS account credentials to AWS GameKit in the game engine? (Access Key ID and Secret Access Key)
Accepted Answerasked a month ago