Access Keys
An access key comprises an access key ID (AK) and secret access key (SK). AK is used together with SK to sign requests cryptographically, ensuring that the requests are secret, complete, and correct.
After logging in to the management console, users authorized by the administrator can create and delete access keys on the My Credentials page.
If an IAM user does not have permissions to log in to the management console, the administrator of the user can manage access keys for the user in IAM.
- If the user accesses cloud services only by using the management console, specify the access type as Management console access and the credential type as Password.
- If the user accesses cloud services only through programmatic calls, specify the access type as Programmatic access and the credential type as Access key.
- If the user needs to use a password as the credential for programmatic access to certain APIs, specify the access type as Programmatic access.
- If the user needs to perform access key verification when using certain services in the console, specify the access type as "Programmatic access + Management console access" and the credential type as "Access Key + Password". For example, the user needs to perform access key verification when creating a data migration job in the Cloud Data Migration (CDM) console.
Important Notes
- You can create a maximum of two access keys with identical permissions and unlimited validity. Each access key can be downloaded only once when created. Keep your access keys secure and change them periodically for security purposes. To change an access key, delete it and create a new one.
- Federated users can only create temporary access credentials (temporary AK/SKs and security tokens). .
- If you are an administrator, you can view the AK of an IAM user on the user details page. The SK is kept by the user.
Creating an Access Key
- On the management console, hover over the username in the upper right corner and choose My Credentials from the drop-down list.
- Choose Access Keys from the navigation pane.
- Click Create Access Key.
- You can create a maximum of two access keys. The quota cannot be increased. If you already have two access keys, you can only delete an access key and create a new one.
- To change an access key, delete it and create a new one.
- Download the access key file.
After the access key is created, view the AK in the access key list and view the SK in the downloaded CSV file.
- Download the access key file and keep it properly. If the download page is closed, you will not be able to download the access key. However, you can create a new one.
- Open the CSV file in the lower left corner, or choose Downloads in the browser and open the CSV file.
- Keep your access keys secure and change them periodically for security purposes. To change an access key, delete it and create a new one.
Deleting an Access Key
If your access keys are forgotten or leaked, delete them on the My Credentials page or contact the administrator to delete them in IAM.
Deleted access keys cannot be restored. Make sure that the deleted access keys have not been used for more than one week.
- On the Access Keys page, locate the access key to be deleted and click Delete in the Operation column.
- In the displayed dialog box, click Yes.
Enabling/Disabling an Access Key
Access keys are enabled by default once being created. To disable an access key, perform the following steps:
- On the Access Keys page, locate the access key to be disabled and click Disable in the Operation column.
- In the displayed dialog box, click Yes.
The method of enabling an access key is similar to that of disabling an access key.
Viewing Access Keys
You can view the access key ID, status, and creation time in the Access Keys area.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot