Temporary Access Key (for Federated Users)
A temporary access key is an identity credential that has temporary access permissions. It consists of an access key ID (AK) and a secret access key (SK). AK is used together with SK to sign requests cryptographically, ensuring that the requests are secret, complete, and correct.
After logging in to the management console, users authorized by the administrator can create and delete their own temporary access key on the My Credentials page. Only federated users can create a temporary access key on the My Credentials page. For accounts and IAM users, see Access Keys.
If a user cannot log in to the console or does not have permissions to visit the My Credentials page, the administrator can manage permanent access keys for the user in IAM.
If you are a federated user, you are advised to use a temporary access key.
Differences Between Temporary and Permanent Access Keys
Temporary and permanent access keys work almost in the same way and only have slight differences.
Item |
Temporary Access Keys |
Permanent Access Keys |
|---|---|---|
Validity period |
15 minutes to 24 hours |
Unlimited validity |
Quantity |
Unlimited and can be generated repeatedly |
2 access keys for each IAM user |
Creation method |
Generated dynamically, cannot be embedded into applications or stored for later use, and must be generated again after expiration. For details, see Creating a Temporary Access Key. |
-- |
Credential management |
Cannot be deleted, enabled, or disabled and will be automatically invalidated and cleared when they expire. |
Can be deleted, enabled, and disabled by the administrator on the IAM console. |
Precautions
- To ensure account security, keep the temporary access key secure and set a proper validity period for it.
- If you are an administrator, you can view the AK of an IAM user on the user details page. The SK is kept by the user.
Creating a Temporary Access Key
- On the management console, hover over the username in the upper right corner and choose My Credentials from the drop-down list.
- Choose Permanent Access Key from the navigation pane.
- In the upper right corner of the page, set a validity period from 15 minutes to 24 hours.
- Click Generate in the Operation column.
After the access key is created, view the AK, SK, and STS token in the access key list.
When you refresh the Temporary Access Key page, the AK, SK, and STS token content are cleared, but they will stay valid before they expire. Keep the access key properly.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
