Managing Access Keys for an IAM User
An access key consists of an access key ID (AK) and secret access key (SK) pair. You can use an access key to access Huawei Cloud using development tools, including APIs, CLI, and SDKs. Access keys cannot be used to log in to the console. AK is a unique identifier used in conjunction with SK to sign requests cryptographically, ensuring that the requests are secret, complete, and correct.
As an administrator, you can manage access keys for IAM users who have forgotten their access keys and do not have access to the console.
Choose More > Security Settings in the row containing the IAM user, and then create or delete access keys in the Access Keys area.
- Federated users can only create temporary access credentials (temporary AKs/SKs and security tokens). For details, see Temporary Access Key (for Federated Users).
- If a user is authorized to use the console, the user can manage access keys on the My Credentials page.
- Access keys are identity credentials used to call APIs. The account administrator and IAM users can only use their own access keys to call APIs.
- If an access key is used more than once in a 15-minute span, the Last Used column in the Access Keys area only displays the first use time.
- Creating an access key
- Click Create Access Key.
Figure 2 Creating an access key
Each user has a maximum of two access keys, and the access keys are permanently valid. For security purposes, change the access keys of IAM users periodically.
- (Optional) If operation protection is enabled, you need to enter a verification code or password.
- Click OK. An access key is automatically generated. Download the access key and provide it to the user.
- Click Create Access Key.
- Deleting an access key
- In the access key list, click Delete in the row containing the access key to be deleted.
Figure 3 Deleting an access key
- (Optional) If operation protection is enabled, you need to enter a verification code or password.
- Click Yes.
- In the access key list, click Delete in the row containing the access key to be deleted.
- Enabling/Disabling an access key
New access keys are enabled by default. To disable an access key, perform the following steps:
- In the access key list, click Disable in the row containing the access key you want to disable.
Figure 4 Disabling an access key
- (Optional) If operation protection is enabled, you need to enter a verification code or password, and click Yes.
The method of enabling an access key is similar to that of disabling an access key.
- In the access key list, click Disable in the row containing the access key you want to disable.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot