Connect your AWS account to ndexr — takes about 5 minutes.

  1. Sign in to the AWS IAM Console
  2. Go to Users → click your user name
  3. Open the Security credentials tab
  4. Click Create access key and choose Application running outside AWS
  5. Copy both keys now — the secret is only shown once

Attach these policies in IAM > Users > your user > Permissions > Add permissions . Open IAM Users

AmazonEC2FullAccess
Launch, manage, and terminate servers
AmazonRoute53FullAccess
DNS records and hosted zones
AmazonRoute53DomainsFullAccess
Domain registration (separate from hosted zones)
AWSCostExplorerReadOnlyAccess
View billing data
SecretsManagerReadWrite
Credential storage used by ndexr

You can start with just EC2 — ndexr will tell you which permission is missing if a feature can't connect.

AWS does not enable Cost Explorer API access by default.

  1. Go to AWS Cost Management
  2. Click Launch Cost Explorer
  3. Wait up to 24 hours for the API to activate

Without this, Billing → Cost Explorer in ndexr will show no data.

Your AWS Access Key ID identifies your account.
Your AWS Secret Access Key authenticates requests to AWS.

Inspect or remove your stored AWS credentials.

You can only have one set of AWS credentials at a time.

Name a new SSH key pair to securely access your EC2 instances.

A key pair is how you prove your identity when connecting to your server over SSH. Instead of a password (which can be guessed or brute-forced), AWS generates a cryptographic key pair — a public half stored on the server and a private half you download as a .pem file. Keep the .pem file safe; anyone who has it can log in, and AWS cannot recover it if lost.

Download the .pem file immediately and store it securely. AWS does not keep a copy of the private key — if lost, you'll need to create a new key pair.

View in AWS Console
Tip: Use a meaningful name to easily identify your key pair.

View, download, or delete key pairs already created in your AWS account.

Amazon Machine Images (AMIs)

Create an image from an instance and manage images you already own.

An AMI is a complete snapshot of your server's disk -- the OS, installed software, and your configuration. Once captured, you can launch a new instance from it in minutes instead of rebuilding from scratch. Use AMIs for disaster recovery, cloning identical environments, or sharing a pre-built setup with others.

Create from Instance

Pick a running or stopped instance and create an image with NoReboot=TRUE.

My Images

Elastic IPs

Allocate, associate, and manage public IP addresses.

An Elastic IP is a static public address that stays the same even when you stop and restart your server. Without one, your server gets a new random IP every time it boots, which breaks DNS records and bookmarks. AWS charges a small hourly fee (~$0.005/hr) for Elastic IPs that are not associated with a running instance -- this discourages hoarding unused addresses. Associate it with your server and the fee goes away.

A domain name is the human-readable address (e.g. example.com) that points to your server's IP. Once registered, you create DNS records that map the domain to your Elastic IP so visitors reach your server by name instead of memorizing a number. Registration is annual and pricing varies by TLD (.com, .io, etc.).

Choose Person for individual registrations. Use Company or Organization if registering on behalf of a business.
Address Information
Enter the full domain including TLD (e.g. mysite.com). Availability and price will appear below.