AWS Command Line Interface
User Guide

Create an Access Key for an IAM User

This topic describes how to use AWS Command Line Interface (AWS CLI) commands to create a set of access keys for an IAM user.

Before you run any commands, set your default credentials. For more information, see Configuring the AWS CLI.

You can use the create-access-key command to create an access key for an IAM user. An access key is a set of security credentials that consists of an access key ID and a secret key.

An IAM user can create only two access keys at one time. If you try to create a third set, the command returns a LimitExceeded error.

$ aws iam create-access-key --user-name MyUser { "AccessKey": { "UserName": "MyUser", "AccessKeyId": "AKIAIOSFODNN7EXAMPLE", "Status": "Active", "SecretAccessKey": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY", "CreateDate": "2018-12-14T17:34:16Z" } }

Use the delete-access-key command to delete an access key for an IAM user. Specify which access key to delete by using the access key ID.

$ aws iam delete-access-key --user-name MyUser --access-key-id AKIAIOSFODNN7EXAMPLE