• Resolved Josh Habdas

    (@jhabdas)


    Based on the documentation it’s not clear what AWS policy permissions are needed to activate the search feature for the IAM user I’m creating to run this plug-in. I’m aware ScratchPad is a thing now but it’d be more secure if this information was laid out in the documentation. What are the minimal policy permissions necessary to allow search functionality?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Thread Starter Josh Habdas

    (@jhabdas)

    The following video sheds some light. Though dated, the narrator shows some methods for generating API keys specific for the Product Advertising API:

    Thread Starter Josh Habdas

    (@jhabdas)

    Okay, I thought I was able to get the plugin to connect with a new IAM user with a new security policy containing only the Role of Network Administrator. But this started to fail so that’s not it.

    According to an AWS forum post Administrator access is required to use Amazon’s Product Advertising API (PA API). That’s more authority than I’m willing to give to a plugin—even if I myself had written it.

    Guess I’ll try it with tags and categories only for now or try and find a way to integrate with a plugin such as Amazon Web Services which appears to be more focused on security.

    Thread Starter Josh Habdas

    (@jhabdas)

    Whelp, no action necessary on the plugin part, at least yet. Here’s an AMZN forum post from last month reaffirming the PA API is itself a sizable security vulnerability at current.

    So much so even when you sign up for it according to forum instructions Amazon themselves will basically throw up all sorts of security warnings and disclaimers for using their own products since only root credentials can be used—and IAM may not be supported (though I got it to work briefly with full Admin access).

    Here’s a related announcement from Amazon some may find useful. Of course I expect they will continue to improve their security as time goes on given they recently decided only to allow PA API access to Associates.

  • The topic ‘Policy for Search Feature’ is closed to new replies.