Access Keys
An access key comprises an access key ID (AK) and secret access key (SK), and is used as a long-term identity credential to sign your requests for HUAWEI CLOUD APIs. AK is used together with SK to sign requests cryptographically, ensuring that the requests are secret, complete, and correct.
After logging in to the management console, users authorized by the administrator can create and delete access keys on the My Credentials page.
If an IAM user does not have permissions to log in to the management console, the administrator of the user can manage access keys for the user in IAM. For details, see Managing Access Keys for an IAM User.
- If the user accesses cloud services only by using the management console, specify the access type as Management console access and the credential type as Password.
- If the user accesses cloud services only through programmatic calls, specify the access type as Programmatic access and the credential type as Access key.
- If the user needs to use a password as the credential for programmatic access to certain APIs, specify the access type as Programmatic access and the credential type as Password.
- If the user needs to perform access key verification when using certain services in the console, specify the access type as "Programmatic access + Management console access" and the credential type as "Access Key + Password". For example, the user needs to perform access key verification when creating a data migration job in the Cloud Data Migration (CDM) console.
Important Notes
- You can create a maximum of two access keys with identical permissions and unlimited validity. Each access key can be downloaded only once when created. Keep your access keys secure and change them periodically for security purposes. To change an access key, delete it and create a new one.
- Federated users can only create temporary access credentials (temporary AK/SKs and security tokens). For details, see Temporary Access Key (for Federated Users).
- If you are an IAM user, point to the username in the upper right corner of the management console, choose Security Settings, click the Critical Operations tab, and check the enabling status of the Access Key Management feature.
- Disabled: All IAM users under the account can manage (create, enable, disable, and delete) their own access keys.
- Enabled: Only the administrator can manage users' access keys.
- If you cannot manage your access keys, request the administrator to perform either of the following operations:
- Manage your access keys (see Managing Access Keys for an IAM User).
- Grant the permissions you require (see Assigning Permissions to an IAM User) or enable access key management (see Access Key Management).
- If you are an administrator, you can view the AK of an IAM user on the user details page. The SK is kept by the user.
Creating an Access Key
- Log in to HUAWEI CLOUD and click Console in the upper right corner.
- On the management console, hover over the username in the upper right corner and choose My Credentials from the drop-down list.
- Choose Access Keys from the navigation pane.
- Click Create Access Key, and enter the verification code or password.
- You can create a maximum of two access keys. The quota cannot be increased. If you already have two access keys, you can only delete an access key and create a new one.
- To change an access key, delete it and create a new one.
- Click OK to generate an access key and download it.
After the access key is created, view the AK in the access key list and view the SK in the downloaded CSV file.
- Download the access key file and keep it properly. If the download page is closed, you will not be able to download the access key. However, you can create a new one.
- Open the CSV file in the lower left corner, or choose Downloads in the upper right corner of the browser and open the CSV file.
- Keep your access keys secure and change them periodically for security purposes. To change an access key, delete it and create a new one.
Deleting an Access Key
- On the Access Keys page, click Delete in the same row as the target access key.
- Enter the verification code or password, and click Yes.
If your access keys are forgotten or leaked, delete them on the My Credentials page or contact the administrator to delete them in IAM.
Enabling/Disabling an Access Key
Access keys are enabled by default once being created. To disable an access key, perform the following steps:
- On the Access Keys page, click Disable in the same row as the target access key.
- Enter the verification code or password, and click Yes.
The method of enabling an access key is similar to that of disabling an access key.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
