Authentication between the CLI tool and the AWS API is done via two pieces of information:
- Access key ID
- Secret access key
As its name suggests, you should keep your secret access key a secret! Be careful where you store or send it.
Once you have created a user, you can configure the tool so that you can use it for authentication purposes.
While you can configure the CLI tool with access keys directly, this should be avoided. Instead, you should use profiles to store your credentials. Using profiles gives you a more consistent and manageable centralized location to secure your secret keys.