AccessKeyProps

class aws_cdk.aws_iam.AccessKeyProps(*, user, serial=None, status=None)

Bases: object

Properties for defining an IAM access key.

Parameters

  • user (IUser) – The IAM user this key will belong to. Changing this value will result in the access key being deleted and a new access key (with a different ID and secret value) being assigned to the new user.

  • serial (Union[int, float, None]) – A CloudFormation-specific value that signifies the access key should be replaced/rotated. This value can only be incremented. Incrementing this value will cause CloudFormation to replace the Access Key resource. Default: - No serial value

  • status (Optional[AccessKeyStatus]) – The status of the access key. An Active access key is allowed to be used to make API calls; An Inactive key cannot. Default: - The access key is active

ExampleMetadata

infused

Example:

# Creates a new IAM user, access and secret keys, and stores the secret access key in a Secret.
user = iam.User(self, "User")
access_key = iam.AccessKey(self, "AccessKey", user=user)
secret_value = secretsmanager.SecretStringValueBeta1.from_token(access_key.secret_access_key.to_string())
secretsmanager.Secret(self, "Secret",
    secret_string_beta1=secret_value
)

Attributes

serial

A CloudFormation-specific value that signifies the access key should be replaced/rotated.

This value can only be incremented. Incrementing this value will cause CloudFormation to replace the Access Key resource.

Default

  • No serial value

Return type

Union[int, float, None]

status

The status of the access key.

An Active access key is allowed to be used to make API calls; An Inactive key cannot.

Default

  • The access key is active

Return type

Optional[AccessKeyStatus]

user

The IAM user this key will belong to.

Changing this value will result in the access key being deleted and a new access key (with a different ID and secret value) being assigned to the new user.

Return type

IUser