Programmatic access is very helpful for developers and DevOps Engineers where we can automate infra level management and also it helps developers to connect to AWS service directly from application.
Console access is the one that is used by everyone to access the service via web UI.
AWS allows us to provision and use their services using two different ways,
1, Programmatic access
2, AWS Management Console access
Programmatic access is helpful for DevOps Engineers to automate the infra creation and maintenance. Also, this is helpful for developers to communicate with AWS services from their application.
In most of the cases, applications need to communicate with some AWS resources like S3 or DynamoDB to get or POST some data. In that case, we can use programmatic access to connect to the application, But this method is not recommended to hard code access keys and secret keys inside the application. Better we can go with ec2 role-based authentication or AWS STS.
How to create access key and secret key to use programmatic access:
When we create a user it will ask us to provide programmatic access to user and we can provide access by enabling the programmatic access flag,
==> First access keys and secret will be created when we create the user,
It is not possible to have more than two active keys at the same time, It is highly recommended to recycle your access keys periodically.
Further, we can see how to create access keys for existing AWS Account user who has programmatic access,
Navigate to the user summary page from IAM, and go to the security credentials part and click on create access keys to create more access keys as shown below,
Here we see our second access key is added and shows in Active state,
AWS Management Console access
AWS Console access is to manage the account and services, Users can create, delete, and modify resources using web UI.
This is the web interface you will see when you log in to the account. We can navigate to the service which we want.