AWS Documentation » AWS Command Line Interface » User Guide » Using the AWS CLI to Work with AWS Services » Using AWS Identity and Access Management from the AWS CLI » Create an Access Key for an IAM User

Create an Access Key for an IAM User

This topic describes how to use AWS Command Line Interface (AWS CLI) commands to create a set of access keys for an IAM user.

Before you run any commands, set your default credentials. For more information, see Configuring the AWS CLI.

You can use the create-access-key command to create an access key for an IAM user. An access key is a set of security credentials that consists of an access key ID and a secret key.

An IAM user can create only two access keys at one time. If you try to create a third set, the command returns a LimitExceeded error.

$ aws iam create-access-key --user-name MyUser
{
    "AccessKey": {
        "UserName": "MyUser",
        "AccessKeyId": "AKIAIOSFODNN7EXAMPLE",
        "Status": "Active",
        "SecretAccessKey": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
        "CreateDate": "2018-12-14T17:34:16Z"
    }
}

Use the delete-access-key command to delete an access key for an IAM user. Specify which access key to delete by using the access key ID.

$ aws iam delete-access-key --user-name MyUser --access-key-id AKIAIOSFODNN7EXAMPLE