Skip to main content
Connect your AWS account to Adapt using an IAM access key so Adapt can read and analyze your AWS resources within the permissions you grant.

Set up credentials

1

Open the IAM console

Sign in to the AWS Management Console and go to the IAM service.
2

Create an IAM user

In the left navigation, choose Users > Create user. Enter a user name (for example, adapt-readonly), then click Next.
3

Attach a read-only policy

On the permissions page, choose Attach policies directly, search for ReadOnlyAccess (arn:aws:iam::aws:policy/ReadOnlyAccess), and select it. Click Next, then Create user.
Attach the narrowest policy that covers your use case. Service-specific read-only policies (for example, AmazonS3ReadOnlyAccess) are preferable when you only need access to one service.
4

Create an access key

Open the new user, go to the Security credentials tab, and under Access keys click Create access key. Choose a use case such as Third-party service or Other, then click Next and Create access key.
5

Copy the key values

Copy the Access key ID and the Secret access key, or download the .csv file. The secret access key is shown only once and cannot be retrieved later.

Connect to Adapt

1

Open Integrations

In Adapt, go to Settings > Integrations.
2

Find AWS

Search for AWS and select it from the catalog.
3

Start the connection

Click Connect to open the connection form.
4

Add your credentials

Enter the values you gathered above, then click Add connection:
Secret NameValue
AWS_ACCESS_KEY_IDYour IAM access key ID
AWS_SECRET_ACCESS_KEYYour IAM secret access key
AWS_REGIONYour default region, e.g. us-east-1 (optional)
You can rename the connection and choose whether it is shared with your organization or kept personal to you.
5

Test the connection

Ask Adapt to list your S3 buckets.

Security

  • Credentials are encrypted at rest with AES-256
  • Use a dedicated IAM user with a least-privilege, read-only policy such as ReadOnlyAccess or a service-specific read-only policy
  • Rotate access keys regularly and deactivate keys you no longer use
  • Never share your secret access key or commit it to source control

Capabilities

Adapt can inspect and analyze your AWS resources, such as S3 buckets, EC2 instances, and other services, within the permissions granted to the access key.

Examples

List my S3 buckets and flag any that are publicly accessible.

Summarize my running EC2 instances by region and instance type.

Show CloudWatch alarms that are currently in an ALARM state.

Review my IAM users and highlight any without MFA enabled.