Creating an AWS connection

Method 1: AWS Assume Role

  1. In your AWS account, create a new AWS role.

  2. Set up your trusted identity to allow Blink AWS account permission to assume your role, using Blink’s account ID: 508219855436. Select the Require external ID checkbox > Fill in the External ID provided in the connection creation in step 1.

  3. In the Blink platform, add the permissions required for your AWS actions.

  4. Create the connection by completing the My Connection form, filling in the created Role’s ARN.

Method 2: AWS Assume Role + Key

This authentication method should be used when:

  1. You prefer to connect Blink to your account using an access key (similar to method #3).
  2. Unlike method #3, the permissions you want to grant in Blink are not assigned directly to the access key’s identity, but instead to an AWS role.

To use this option, first follow the steps in method #3 to create an access key. Then, proceed with the steps in method #1 to create a role and associate it with the access key’s identity.

Advanced connection options

Method 3: AWS Access Key

To create an access key and secret access key, follow these instructions.

Method 4: Connection by Runner’s Identity

This method is only available for self-hosted Runner installations, and not for the Blink Cloud Runner.

You can perform authenticated AWS actions by assigning a role to a self-hosted Blink Runner.

To configure this authentication method, follow these steps:

  1. If you haven’t already, install a self-hosted Blink runner within your AWS environment.

  2. Assign an AWS role to your runner, using one of these methods:

  3. Assign an AWS role to your Runner, using one of these methods:

  4. In a Blink workflow, use AWS steps without specifying a particular connection (leave the connection dropdown unselected) to leverage identity-based authentication.

Security Best Practices

  • We advise you to periodically rotate your AWS Access Keys if you are choosing it as a method to establish a connection.
  • We recommend scoping the associated IAM Policies tightly and grant access only to required actions and resources.