TARS relies on three cloud services. Follow these steps to secure your credentials before running the assistant.

OpenAI API (Chat Responses)

1. Sign in at https://platform.openai.com/ (create an account if needed).
2. Add a payment method or ensure you have available credits.
3. Navigate to Dashboard → API keys and click “Create new secret key”.
4. Copy the key immediately—it’s only shown once. Store it securely.
5. In code, assign it to openai.api_key, or export OPENAI_API_KEY and load it from the environment.

Treat this key like a password. Never commit it to Git or share it publicly.

AWS Polly (Speech Synthesis)

1. Log in to the AWS Console and open IAM.
2. Create an IAM user (e.g., “tars-polly”) with Programmatic access.
3. Attach the policy AmazonPollyFullAccess (or a custom policy with equivalent permissions).
4. Record the Access Key ID and Secret Access Key; download the CSV or store securely.
5. Set these in the script (ACCESS_KEY, SECRET_KEY) or export AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY.
6. Use a consistent region (e.g., us-east-1) unless you have a reason to change it.

Rotate keys periodically and delete unused IAM users to stay secure.