Send Docs Feedback

Getting started with AWS integration

In this topic, you'll create Edge and AWS accounts (if you don't already have them) and create an AWS user.

1. Create an Edge account

If you don't already have an Edge account, create one. Edge provides different account levels, including a free trial. Get an account here: http://apigee.com/about/pricing/apigee-edge-pricing-features

The Creating an Apigee Edge account topic provides additional context.

2. Create an AWS account

If you don't already have an AWS account, create one and log into AWS.

  1. Sign up for AWS and perform other AWS setup tasks: http://docs.aws.amazon.com/IAM/latest/UserGuide/getting-setup.html
  2. Sign into the AWS Console: https://aws.amazon.com/

3. Create an AWS user that represents your Edge organization

The user you create in AWS represents your Edge organization. You'll generate an Access Key and Secret Access Key for the user, configure permissions for the user, and calls you make through Edge to AWS will pass that user's credentials.

Create one user in AWS for each of your organizations. While not required, it's a good idea to name the AWS user the same as the Edge organization.

  1. In AWS, select your_name > Security Credentials in the top menu bar. Refer to this topic for instructions on completing the following steps: http://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html
  2. Create the user and create the access keys.
    Important: As you create the access keys for the user, be sure to Download Credentials. You'll need them later for upload into the Edge secure store (vault). Once you dismiss the "Create Access Key" dialog box, you can no longer see the Secret Access Key.
  3. Create a group, and assign appropriate AWS permissions to it.
    Set the permissions that are appropriate for the AWS services you are using. For example, if you want to make calls to AWS Lambda and Amazon DynamoDB, you might assign the "AWSLambdaFullAccess" and "AmazonDynamoDBFullAccess" policies to the group.
  4. Assign the user to the group.
    With your AWS user assigned to the group, the user keys you pass from Edge to AWS will allow access according to the group permissions.

Help or comments?