How do I integrate with AWS IAM?

Hey, sorry if this isn’t exactly Fly.io specific but I’d like to know how I’d authenticate my Fly.io intances with AWS?

For example, currently my application runs on EC2/Lambda and I have IAM policies defined on the resources that let me authorize and interact with other AWS services. What would that look like if I moved my applications to Fly.io?

Since Fly is outside AWS you would need to create a user within the AWS console. You attach to that user the IAM policies your EC2/Lambda role has. So that user would have the same access to your AWS resources

Creating that user (with programmatic access) will give you these values you will need:

  • AWS_ACCESS_KEY_ID
  • AWS_SECRET_ACCESS_KEY

You would then set those as secrets within Fly so they are safely encrypted Secrets and Fly Apps · Fly

That would make them available to your app as environment variables which the relevant AWS SDK would then see and use. For example for nodejs Loading credentials in Node.js from environment variables - AWS SDK for JavaScript

3 Likes

Thanks Greg!

1 Like