Create Credentials

This guide will help you to create your Amazon Web Services (AWS) credentials for Qovery. Those credentials will be used to create a Kubernetes cluster, a dedicated VPC and a few services on your AWS account. Refer to our Infrastructure page to learn more about the infrastructure created by Qovery.

Before you begin, this page assumes the following:

• You have an AWS account

Generate AWS credentials

We support two authentication methods for AWS: Assume Role via STS and Static Credentials (Access Key & Secret Access Key).

For security reasons, we strongly recommend using Assume Role via STS. Static credentials are long-lived and more exposed to leaks, while Assume Role provides short-lived, automatically refreshed credentials with granular access control, reducing security risks.

• Assume role via STS (preferred)
• Static credentials

1. Connect to your AWS console. Make sure you are connected to the right AWS account.

2. Execute the following Cloudformation stack, make sure you select the checkbox I acknowledge that AWS CloudFormation might create IAM resources with custom names

   It will create a role for Qovery and grant assume role permissions (see the cloudformation stack content here, including the role permissions)

3. Retrieve the role ARN from the Outputssection.

   

4. Insert the role ARN in Qovery and provide a credentials name to identify it in the Qovery console.

How was it? Did this tutorial work?  Yes  No

Install a new cluster on Qovery

You will be able to use the credentials you just generated when creating a cluster via the Qovery console. This cluster will be linked to your Qovery organization. Follow this documentation to create a new cluster on your organization.

Next steps

Now you can use your AWS account to deploy your applications on Qovery. You can also link other Cloud providers to your organization.