Pick Your Cloud
Monk asks for credentials automatically when you deploy, but you can also set them up ahead of time. Pick your cloud to get started:AWS
IAM access key and secret key
Google Cloud
Service account JSON key
Microsoft Azure
Service principal with client secret
DigitalOcean
Personal access token
Hetzner
API token
Service Providers
Monk also integrates with service providers for databases, hosting, authentication, CI/CD, and monitoring. Credentials for these are requested automatically the first time you use them.
You do not need to configure these in advance. When you ask Monk to use a service — for example,
deploy frontend to Netlify with Monk — it will request the credentials it needs at that point.
Managing Credentials
You can check, update, or remove credentials at any time through your agent or Monk directly:Security Best Practices
Use service accounts, not personal credentials. Create a dedicated IAM user (AWS), service account (GCP), or service principal (Azure) for Monk. Service accounts can be rotated without affecting your personal access. Grant minimal permissions. Each cloud guide above lists the exact permissions Monk needs. Do not use admin or root credentials. Rotate regularly. Every 90 days for production credentials, immediately if potentially exposed, and whenever team members leave. Enable MFA on all provider accounts that manage the service accounts Monk uses.First deployment
Credentials ready? Deploy your first app

