Creating an Access Key
You can create an access key for your account. Access keys enable you to sign your API requests. At the creation of an access key, its state is automatically set to ACTIVE
, enabling it to sign requests.
When using the API, you need to get one of the access keys already created for your account from Cockpit to sign your request. For more information, see Getting Information About Your Access Keys.
Creating an Access Key Using Cockpit v2
-
In the top right corner, click your initials.
A drop-down menu appears. -
Click Access Keys.
The PASSWORD CONFIRMATION dialog box appears. -
Enter your current password and click Submit.
The list of your access keys appears. -
Click Create.
The GENERATE AN ACCESS KEY dialog box appears. -
(optional) Set an expiration date.
As a good practice, it is recommended to set an expiration date and renew your access key regularly.
-
Click Generate.
The access key is created. -
Click to copy the secret key, or click Download to download a file containing the secret key.
For security reasons, the secret key is only available when creating the access key. Save it carefully as you will not be able to retrieve it later.
Creating an Access Key Using OSC CLI
The CreateAccessKey command creates an access key for either your root account or an EIM user. The new key is automatically set to ACTIVE
.
For more information, see About Access Keys.
$ osc-cli api CreateAccessKey --profile "default" \
--ExpirationDate "2063-04-05"
$ osc-cli api CreateAccessKey --profile "default" --authentication-method "password" --login "$OSC_EMAIL" --password "$OSC_PASSWORD" \
--ExpirationDate "2063-04-05"
This command contains the following attributes that you need to specify:
-
DryRun
: (optional) If true, checks whether you have the required permissions to perform the action. -
ExpirationDate
: (optional) The date and time, or the date, at which you want the access key to expire, in ISO 8601 format (for example,2020-06-14T00:00:00.000Z
, or2020-06-14
). To remove an existing expiration date, use the method without specifying this parameter. -
UserName
: (optional) The name of the EIM user that owns the key to be created. If you do not specify a user name, this action creates an access key for the user who sends the request (which can be the root account).
The CreateAccessKey command returns the following elements:
-
AccessKey
: Information about the access key. -
ResponseContext
: Information about the context of the response.
{
"ResponseContext": {
"RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
},
"AccessKey": {
"State": "ACTIVE",
"AccessKeyId": "ABCDEFGHIJ0123456789",
"CreationDate": "2010-10-01T12:34:56.789+0000",
"ExpirationDate": "2063-04-05T00:00:00.000+0000",
"SecretKey": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"LastModificationDate": "2010-10-01T12:34:56.789+0000"
}
}
Related Pages
Corresponding API Methods