Configuring a cloud account credential for F5 Distributed Cloud to use with AWS, while a straightforward process, requires some nuance to get just right. This article illustrates each step of the way.

1. Log in to the AWS Management Console console.aws.amazon.com. In the search box, enter “IAM” and go to the service.
   
   
   
2. Open the user or service account, and then click on the “Security credentials” tab. Click “Create access key”.
   
   
   
3. Copy the secret and save it to enter later in the F5 Distributed Cloud Console, and then “Close” the dialogue.
   
   
4. Now click the “Permissions” tab, and grant the specific permissions needed for the role. Consider whether you will be deploying a VPC or TGW site in AWS and confirm add the necessary permissions to this user’s account.
   TGW Site permissions: https://docs.cloud.f5.com/docs/reference/cloud-cred-ref/aws-tgw-pol-ref
   VPC Site permissions: https://docs.cloud.f5.com/docs/reference/cloud-cred-ref/aws-vpc-cred-ref
   
   
5. Open and navigate to the F5 Distributed Cloud Console, Cloud and Edge Sites > Site Management > Cloud Credentials, then click “Add Cloud Credentials”.
   
   
6. Enter the following details, and then click “Configure”.
   Name: aws-cred
   Cloud Credential Type: AWS Programmatic Access Credentials
   Access Key ID: [copied in step 3]
   
   Configure:
   Secret info: Blindfold Secret
   Type: Text
   [paste in the value copied in step 3]
   
   Click “Blindfold”, then click “Apply”
   
   
   
7. Click “Save and Exit”.

You’ve now successfully connected your F5 Distributed Cloud tenant with AWS using an AWS account’s programmatic access, and can now start provisioning VPC and TGW Customer Edge sites in AWS!