All Documents

My CredentialsMy Credentials

    Compute
    Elastic Cloud Server
    Bare Metal Server
    Auto Scaling
    Image Management Service
    Dedicated Host
    FunctionGraph
    Management & Governance
    Cloud Eye
    Identity and Access Management
    Cloud Trace Service
    Tag Management Service
    Log Tank Service
    Resource Management Service
    Cloud Communications
    Message & SMS
    Business Applications
    ROMA Connect
    Edge Data Center Management
    DeveloperTools
    SDK Developer Guide
    API Request Signing Guide
    Terraform
    HCloud CLI
    Storage
    Object Storage Service
    Elastic Volume Service
    Cloud Backup and Recovery
    Content Delivery Network
    Storage Disaster Recovery Service
    Scalable File Service
    Volume Backup Service
    Cloud Server Backup Service
    Data Express Service
    Dedicated Enterprise Storage Service
    Databases
    Relational Database Service
    Document Database Service
    Data Admin Service
    Data Replication Service
    GaussDB NoSQL
    GaussDB(for MySQL)
    Distributed Database Middleware
    GaussDB(for openGauss)
    Media Services
    Media Processing Center
    Live
    enterprise-collaboration
    Meeting
    Pricing
    Pricing Principles
    Networking
    Virtual Private Cloud
    Elastic IP
    Elastic Load Balance
    NAT Gateway
    Direct Connect
    Virtual Private Network
    Domain Name Service
    VPC Endpoint
    Cloud Connect
    Migration
    Server Migration Service
    Object Storage Migration Service
    Cloud Data Migration
    Cloud Ecosystem
    Marketplace
    Partner Center
    AI
    MapReduce Service
    GaussDB(DWS)
    Face Recognition Service
    Graph Engine Service
    Data Lake Insight
    Cloud Search Service
    Content Moderation
    Image Recognition
    Data Lake Factory
    Optical Character Recognition
    ModelArts
    Data Ingestion Service
    ImageSearch
    Conversational Bot Service
    Speech Interaction Service
    Huawei HiLens
    Data Lake Visualization
    Data Lake Governance Center
    Natural Language Processing
    Containers
    Cloud Container Engine
    Software Repository for Container
    Application Orchestration Service
    ContainerOps
    Multi-Cloud Container Platform
    Developer Services
    ServiceStage
    Distributed Cache Service
    Simple Message Notification
    Application Performance Management
    Application Operations Management
    Blockchain Service
    API Gateway
    Cloud Performance Test Service
    Distributed Message Service for Kafka
    Distributed Message Service for RabbitMQ
    Distributed Message Service for RocketMQ
    Cloud Service Engine
    Dedicated Cloud
    Dedicated Computing Cluster
    Dedicated Distributed Storage Service
    LoT
    LoT
    Intelligent EdgeFabric
    Security & Compliance
    Anti-DDoS
    Web Application Firewall
    Host Security Service
    Data Encryption Workshop
    Database Security Service
    Advanced Anti-DDoS
    Data Security Center
    Container Guard Service
    Situation Awareness
    Managed Threat Detection
    Compass
    Cloud Certificate Manager
    Others
    Product Pricing Details
    System Permissions
    Console Quick Start
    Common FAQs
    Instructions for Associating with a HUAWEI CLOUD Partner
    My Credentials
    Message Center
    User Support
    My Account
    Billing Center
    Cost Center
    Resource Center
    Enterprise Management
    Service Tickets
    HUAWEI CLOUD (International) FAQs
    ICP License Service
    Support Plans
    Customer Operation Capabilities
    Partner Support Plans
    Professional Services
    Solutions
    SAP Cloud
    High Performance Computing
    Compute
    Elastic Cloud Server
    Bare Metal Server
    Auto Scaling
    Image Management Service
    Dedicated Host
    FunctionGraph
    Networking
    Virtual Private Cloud
    Elastic IP
    Elastic Load Balance
    NAT Gateway
    Direct Connect
    Virtual Private Network
    Domain Name Service
    VPC Endpoint
    Cloud Connect
    Security & Compliance
    Anti-DDoS
    Web Application Firewall
    Host Security Service
    Data Encryption Workshop
    Database Security Service
    Advanced Anti-DDoS
    Data Security Center
    Container Guard Service
    Situation Awareness
    Managed Threat Detection
    Compass
    Cloud Certificate Manager
    Databases
    Relational Database Service
    Document Database Service
    Data Admin Service
    Data Replication Service
    GaussDB NoSQL
    GaussDB(for MySQL)
    Distributed Database Middleware
    GaussDB(for openGauss)
    Developer Services
    ServiceStage
    Distributed Cache Service
    Simple Message Notification
    Application Performance Management
    Application Operations Management
    Blockchain Service
    API Gateway
    Cloud Performance Test Service
    Distributed Message Service for Kafka
    Distributed Message Service for RabbitMQ
    Distributed Message Service for RocketMQ
    Cloud Service Engine
    Cloud Communications
    Message & SMS
    Cloud Ecosystem
    Marketplace
    Partner Center
    User Support
    My Account
    Billing Center
    Cost Center
    Resource Center
    Enterprise Management
    Service Tickets
    HUAWEI CLOUD (International) FAQs
    ICP License Service
    Support Plans
    Customer Operation Capabilities
    Partner Support Plans
    Professional Services
    enterprise-collaboration
    Meeting
    LoT
    LoT
    Intelligent EdgeFabric
    DeveloperTools
    SDK Developer Guide
    API Request Signing Guide
    Terraform
    HCloud CLI
    Storage
    Object Storage Service
    Elastic Volume Service
    Cloud Backup and Recovery
    Content Delivery Network
    Storage Disaster Recovery Service
    Scalable File Service
    Volume Backup Service
    Cloud Server Backup Service
    Data Express Service
    Dedicated Enterprise Storage Service
    Containers
    Cloud Container Engine
    Software Repository for Container
    Application Orchestration Service
    ContainerOps
    Multi-Cloud Container Platform
    Management & Governance
    Cloud Eye
    Identity and Access Management
    Cloud Trace Service
    Tag Management Service
    Log Tank Service
    Resource Management Service
    Migration
    Server Migration Service
    Object Storage Migration Service
    Cloud Data Migration
    Others
    Product Pricing Details
    System Permissions
    Console Quick Start
    Common FAQs
    Instructions for Associating with a HUAWEI CLOUD Partner
    My Credentials
    Message Center
    Media Services
    Media Processing Center
    Live
    Dedicated Cloud
    Dedicated Computing Cluster
    Dedicated Distributed Storage Service
    Business Applications
    ROMA Connect
    Edge Data Center Management
    AI
    MapReduce Service
    GaussDB(DWS)
    Face Recognition Service
    Graph Engine Service
    Data Lake Insight
    Cloud Search Service
    Content Moderation
    Image Recognition
    Data Lake Factory
    Optical Character Recognition
    ModelArts
    Data Ingestion Service
    ImageSearch
    Conversational Bot Service
    Speech Interaction Service
    Huawei HiLens
    Data Lake Visualization
    Data Lake Governance Center
    Natural Language Processing
    Solutions
    SAP Cloud
    High Performance Computing
    Pricing
    Pricing Principles
      Help Center> My Credentials> User Guide> User Guide
      Updated at: Feb 24, 2022 GMT+08:00
      View PDF

      Access Keys

      An access key comprises an access key ID (AK) and secret access key (SK), and is used as a long-term identity credential to sign your requests for HUAWEI CLOUD APIs. AK is used together with SK to sign requests cryptographically, ensuring that the requests are secret, complete, and correct.

      After logging in to the management console, users authorized by the administrator can create and delete access keys on the My Credentials page.

      If an IAM user does not have permissions to log in to the management console, the administrator of the user can manage access keys for the user in IAM. For details, see Managing Access Keys for an IAM User.

      The credentials that an IAM user can use depend on the access type specified for the user. Select the access type that user will need to use.
      • If the user accesses cloud services only by using the management console, specify the access type as Management console access and the credential type as Password.
      • If the user accesses cloud services only through programmatic calls, specify the access type as Programmatic access and the credential type as Access key.
      • If the user needs to use a password as the credential for programmatic access to certain APIs, specify the access type as Programmatic access and the credential type as Password.
      • If the user needs to perform access key verification when using certain services in the console, specify the access type as "Programmatic access + Management console access" and the credential type as "Access Key + Password". For example, the user needs to perform access key verification when creating a data migration job in the Cloud Data Migration (CDM) console.

      Important Notes

      1. You can create a maximum of two access keys with identical permissions and unlimited validity. Each access key can be downloaded only once when created. Keep your access keys secure and change them periodically for security purposes. To change an access key, delete it and create a new one.
      2. Federated users can only create temporary access credentials (temporary AK/SKs and security tokens). For details, see Temporary Access Key (for Federated Users).
      3. If you are an IAM user, point to the username in the upper right corner of the management console, choose Security Settings, click the Critical Operations tab, and check the enabling status of the Access Key Management feature.
        • Disabled: All IAM users under the account can manage (create, enable, disable, and delete) their own access keys.
        • Enabled: Only the administrator can manage users' access keys.
      4. If you cannot manage your access keys, request the administrator to perform either of the following operations:
      5. If you are an administrator, you can view the AK of an IAM user on the user details page. The SK is kept by the user.

      Creating an Access Key

      1. Log in to HUAWEI CLOUD and click Console in the upper right corner.

      2. On the management console, hover over the username in the upper right corner and choose My Credentials from the drop-down list.

      3. Choose Access Keys from the navigation pane.
      4. Click Create Access Key, and enter the verification code or password.

        • You can create a maximum of two access keys. The quota cannot be increased. If you already have two access keys, you can only delete an access key and create a new one.
        • To change an access key, delete it and create a new one.

      5. Click OK to generate an access key and download it.

        After the access key is created, view the AK in the access key list and view the SK in the downloaded CSV file.
        • Download the access key file and keep it properly. If the download page is closed, you will not be able to download the access key. However, you can create a new one.
        • Open the CSV file in the lower left corner, or choose Downloads in the upper right corner of the browser and open the CSV file.
        • Keep your access keys secure and change them periodically for security purposes. To change an access key, delete it and create a new one.

      Deleting an Access Key

      1. On the Access Keys page, click Delete in the same row as the target access key.

      2. Enter the verification code or password, and click Yes.

        If your access keys are forgotten or leaked, delete them on the My Credentials page or contact the administrator to delete them in IAM.

      Enabling/Disabling an Access Key

      Access keys are enabled by default once being created. To disable an access key, perform the following steps:

      1. On the Access Keys page, click Disable in the same row as the target access key.
      2. Enter the verification code or password, and click Yes.

      The method of enabling an access key is similar to that of disabling an access key.

      Did you find this page helpful?

      Failed to submit the feedback. Please try again later.

      Which of the following issues have you encountered?







      Please complete at least one feedback item.

      Content most length 200 character

      Content is empty.

      OK Cancel