The -credentials.boto file contains the credentials that allow you to use an automated script to start, access, read, write, stop, and destroy AWS resources such as Elastic MapReduce clusters and S3 Storage buckets.
There are two parts to an access key, the access key ID and the secret access key. Both of these items are sensitive information that you should not share with anyone nor upload anywhere.
- An access key ID looks like AKIAIOSFODNN7EXAMPLE
- A secret access key is longer and looks like wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
The -ssh_key.pem file contains the credentials that allow you to log into your EC2 compute or EMR (Elastic MapReduce) instance using the ssh program (e.g. ssh, PuTTY, Terminal, etc).
You fall under this heading if you are configuring or providing access to any of the following to users that you delegate access to cloud resources for which you are the owner.
Under the AWS Shared Responsibility Model we as the customers are responsible for the security of the following:
- Amazon Machine Images (AMIs)
- Operating systems
- Applications
- Data in transit
- Data at rest
- Data stores
- Credentials
- Policies and configuration