​

At a glance

• Availability: Experimental (how to enable).
• Auth: API key.
• Connection: Credentials come from the variables below.

​

Credentials

Set these per environment. See Connect an integration.

​

Setup

​

AWS Integration Setup Guide ## Step 1: Create an IAM User 1. Log in to the AWS Console 2. Navigate to IAM (Identity and Access Management) 3. Click on Users in the left sidebar 4. Click Add users 5. Enter a username (e.g., veryfront-integration) 6. Select Access key - Programmatic access 7. Click Next: Permissions ## Step 2: Attach Permissions You can either: ### Option A: Create a Custom Policy (Recommended) 1. Click Attach existing policies directly 2. Click Create policy 3. Choose the JSON tab 4. Paste the following policy: json { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:ListAllMyBuckets", "s3:ListBucket", "s3:GetObject", "ec2:DescribeInstances", "lambda:ListFunctions" ], "Resource": "*" } ] } 5. Click Review policy 6. Name it VeryfrontAWSIntegration 7. Click Create policy 8. Go back to the user creation tab and refresh the policy list 9. Search for and select VeryfrontAWSIntegration ### Option B: Use AWS Managed Policies Attach these managed policies: - AmazonS3ReadOnlyAccess - AmazonEC2ReadOnlyAccess - AWSLambdaReadOnlyAccess Note: Option B provides broader read access than Option A. ## Step 3: Complete User Creation 1. Click Next: Tags (optional) 2. Click Next: Review 3. Click Create user 4. Important: Save your credentials: - Access Key ID - Secret Access Key ⚠️ This is the only time you’ll be able to see the Secret Access Key! ## Step 4: Configure Environment Variables 1. Copy the .env.example file to .env.local 2. Add your AWS credentials: env AWS_ACCESS_KEY_ID=your_access_key_id_here AWS_SECRET_ACCESS_KEY=your_secret_access_key_here AWS_REGION=us-east-1 3. Replace your_access_key_id_here and your_secret_access_key_here with your actual credentials 4. Update AWS_REGION to your preferred region (e.g., us-west-2, eu-west-1) ## Step 5: Install Dependencies Run the following command to install required AWS SDK packages: bash npm install @aws-sdk/client-s3 @aws-sdk/client-ec2 @aws-sdk/client-lambda @aws-sdk/credential-providers ## Step 6: Test Your Integration You can test your integration by using any of the available tools: - list-s3-buckets - List all your S3 buckets - list-s3-objects - List objects in a specific bucket - get-s3-object - Retrieve an object from S3 - list-ec2-instances - List your EC2 instances - list-lambda-functions - List your Lambda functions ## Security Best Practices 1. Never commit your .env.local file - It’s already in .gitignore 2. Use the principle of least privilege - Only grant permissions needed 3. Rotate credentials regularly - Update your access keys periodically 4. Use different credentials for different environments - Dev, staging, and production 5. Consider using AWS IAM Roles - For production environments, use IAM roles with EC2/ECS/Lambda ## Troubleshooting ### “Access Denied” Errors - Verify your IAM user has the correct permissions - Check that the region in your .env.local matches where your resources are located ### “Invalid Access Key” Errors - Double-check your AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY - Ensure there are no extra spaces or newlines in your credentials - Verify the IAM user is active and the access key hasn’t been deleted ### Region Issues - Some resources are region-specific (EC2, Lambda) - S3 bucket listing is global, but object access respects bucket regions - Update AWS_REGION to match where your resources are located ## Additional Resources - AWS IAM User Guide - AWS SDK for JavaScript v3 - AWS Security Best Practices

​

Tools