Pick Your Cloud
Monk asks for credentials automatically when you deploy, but you can also set them up ahead of time. Pick your cloud to get started:AWS
IAM access key and secret key
Google Cloud
Service account JSON key
Microsoft Azure
Service principal with client secret
DigitalOcean
Personal access token
Coming soon: Hetzner support. Upvote it on our roadmap.
Service Providers
Monk also integrates with service providers for databases, hosting, authentication, CI/CD, and monitoring. Credentials for these are requested automatically the first time you use them.| Service | What you need | How it works |
|---|---|---|
| Netlify | Nothing | OAuth — Monk opens a browser for authorization |
| Vercel | Personal access token | Settings → Tokens |
| MongoDB Atlas | Org name + API key pair | Access Manager → API Keys |
| Redis Cloud | Account key + user key | Account Settings → API Keys |
| Auth0 | Domain + M2M client credentials | Applications → Create M2M app |
| Cloudflare | API token | My Profile → API Tokens |
| GitHub | Fine-grained PAT | Developer Settings → Fine-grained tokens |
| Slack | Incoming webhook URL | Apps → Incoming Webhooks → Add to Slack |
deploy frontend to Netlify with Monk — it will request the credentials it needs at that point.
Managing Credentials
You can check, update, or remove credentials at any time through your agent or Monk directly:Security Best Practices
Use service accounts, not personal credentials. Create a dedicated IAM user (AWS), service account (GCP), or service principal (Azure) for Monk. Service accounts can be rotated without affecting your personal access. Grant minimal permissions. Each cloud guide above lists the exact permissions Monk needs. Do not use admin or root credentials. Rotate regularly. Every 90 days for production credentials, immediately if potentially exposed, and whenever team members leave. Enable MFA on all provider accounts that manage the service accounts Monk uses.First deployment
Credentials ready? Deploy your first app