Next up, we have to let Ansible Tower know the credentials to use when accessing our AWS account; to add these, click on the Settings icon (the cog in the top menu) and you will be taken to a screen which looks like the following:

As you can see, there are a lot of different options here. As you may have already guessed, the option we are interested in is the CREDENTIALS one. Clicking on it will take you to a page that gives you an overview of the existing credentials; we want to add some new ones, so click on the +ADD button.

This should take you to a page that is similar in layout to the one where we added the project. Fill out the following information:

• NAME: AWS API Credentials
• DESCRIPTION: AWS API Credentials
• ORGANIZATION: Default
• CREDENTIAL TYPE: Click on the magnifying glass icon and select Amazon Web Services

Once the CREDENTIAL TYPE has been selected, the second section will be added; here, you can enter the following:

• ACCESS KEY: Add your access key from the previous AWS chapters, for example, AKIAI5KECPOTNTTVM3EDA
• SECRET KEY: Add your secret key from the previous AWS chapters, for example, Y4B7FFiSWl0Am3VIFc07lgnc/TAtK5+RpxzIGTr
• STS TOKEN: Leave blank

Once the form is completed, click on SAVE. Once saved, you will notice that the SECRET KEY is marked as ENCRYPTED:

When you save sensitive information in Ansible Tower, it is encrypted, and you only have the option to REPLACE or REVERT it. At no point can you view the information again.