Arq Help

Create AWS Key Pair

The easiest way to get started with AWS is to create a "root" key pair.

  1. Go to the AWS Console and log in.
  2. Click on your name at the top right and click "My Security Credentials" in the drop-down menu.
  3. Click the triangle next to "Access Keys" to expand it.
  4. Click "Create New Access Key". Then click "Show Access Key" in the pop-up window to see the key pair you just created:
  5. Use that key pair to add a destination in Arq: Go to Arq's preferences, Destinations tab, click the + sign to add a destination, choose Amazon S3/Glacier, and enter the key pair.


If you'd prefer to use Amazon's IAM system instead of root keys, there are 2 options:

Option 1: Create Your Own IAM User

Create an IAM user with a policy that allows all actions on your bucket and its contents. Use its key pair in Arq.

Here's a sample policy that I used for my S3 bucket named "arqstefanbucket":

   "Version": "2012-10-17",
   "Statement": [
           "Effect": "Allow",
           "Action": "s3:*",
           "Resource": [
           "Effect": "Allow",
           "Action": "s3:ListAllMyBuckets",
           "Resource": "arn:aws:s3:::*"

Option 2: Let Arq Create the User

  1. Create a root key pair (explained above) and configure Arq with it.
  2. Direct Arq to create and use a new IAM user with just enough permission to read/write its own data in your AWS account: Restricting Amazon Permissions