Programmatic access is very helpful for developers and DevOps Engineers where we can automate infra level management and also it helps developers to connect to aws service directly from application.
Console access is the one which is used by every one to access the service via web UI.
AWS allows us to provision and use their services using two different ways,
1, Programmatic access
2, AWS Management Console access
Programmatic access is helpful for DevOps Engineers to automate the infra creation and maintenance. Also this is helpful for developers to communicate to aws services from their application.
Most of the cases application needs to communicate with some AWS resources like S3 or DynamoDB to get or POST some data, In that case it is we can use programatic access to connect to the application, But this method is not recommended to hard code access keys and seret keys inside the application. Better we can go with ec2 role based authentication or AWS STS.
How to create access key and secret key to use programmatic access:
When we create user it will ask us to provide programmatic access to user and we can provide access by enabling the programatic access flag,
==> First access keys and secret will be created when we create the user,
It is not possible to have more than two active keys at a same time, It is highly recommended to recycle your access keys periodically.
Further we can see how to create access keys for existing AWS Account user who has programmatic access,
Navigate to the user summary page from IAM, and go to the security credentials part and click on create access keys to create more access keys as shown below,
Here we see our second access key is added and shows in Active state,
AWS Management Console access
AWS Console access is to manage the account and services, Users can create, delete and modify resources using web UI.
This is the web interface you will see when you login to the account. We can navigate to the service which we want.