api tokens

Because we will use Ansible and Terraform, we need the API keys and tokens to access the resources through the APIs exposed by AWS and Cloudflare.

Sometimes you can’t retrieve them because they are not stored in clear text by the provider.
So write them down.

1. AWS

We will need two API accesses:

  1. for the ops account

    This account will be used for the Consul Cloud Auto-join feature and for the dynamic inventory in Ansible

    That’s why it only has read-only access on EC2 instances.

  2. for your account

    This account has write access. It will be used to create everything in AWS.

Here is the panel where you can find the ACCESS KEY ID and the SECRET ACCESS KEY: AWS IAM group ops

It’s all done with AWS.
You can now disconnect from your root account and relog with your account.

2. Cloudflare

Go to the Cloudflare dashboard and click on Get your API key.
Then go to the API tokens panel and generate a Global API Key.

AWS IAM group ops

3. Next page!

We are done, let’s go preparing your working environment.