AWS CloudFormation
User Guide (API Version 2010-05-15)
« PreviousNext »
View the PDF for this guide.Go to the AWS Discussion Forum for this product.Go to the Kindle Store to download this guide in Kindle format.Did this page help you?  Yes | No |  Tell us about it...

AWS::IAM::AccessKey

The AWS::IAM::AccessKey resource type generates a secret access key and assigns it to an IAM user or AWS account.

This type supports updates. For more information about updating stacks, see AWS CloudFormation Stacks Updates.

Syntax

{
   "Type": "AWS::IAM::AccessKey",
   "Properties": {
      "Serial": Integer,
      "Status": String,
      "UserName": String
   }
}     

Properties

Serial

This value is specific to AWS CloudFormation and can only be incremented. Incrementing this value notifies AWS CloudFormation that you want to rotate your access key. When you update your stack, AWS CloudFormation will replace the existing access key with a new key.

Required: No

Type: Integer

Update requires: Replacement

Status

The status of the access key.

Required: Yes

Type: String

Valid values: "Active" or "Inactive"

Update requires: No interruption

UserName

The name of the user that the new key will belong to.

Required: Yes

Type: String

Update requires: Replacement

Return Values

Ref

Specifying this resource ID to the intrinsic Ref function will return the AccessKeyId. For example: AKIAIOSFODNN7EXAMPLE.

For more information about using the Ref function, see Ref.

Fn::GetAtt

Fn::GetAtt returns a value for a specified attribute of this type. This section lists the available attributes and corresponding return values.

SecretAccessKey

Returns the secret access key for the specified AWS::IAM::AccessKey resource. For example: wJalrXUtnFEMI/K7MDENG/bPxRfiCYzEXAMPLEKEY.

For more information about using Fn:GetAtt, see Fn::GetAtt.

Template Examples

To view AWS::IAM::AccessKey snippets, see Declaring an IAM Access Key Resource.