AccessKey - Amazon Lightsail


Describes an access key for an Amazon Lightsail bucket.

Access keys grant full programmatic access to the specified bucket and its objects. You can have a maximum of two access keys per bucket. Use the CreateBucketAccessKey action to create an access key for a specific bucket. For more information about access keys, see Creating access keys for a bucket in Amazon Lightsail in the Amazon Lightsail Developer Guide.


The secretAccessKey value is returned only in response to the CreateBucketAccessKey action. You can get a secret access key only when you first create an access key; you cannot get the secret access key later. If you lose the secret access key, you must create a new access key.



The ID of the access key.

Type: String

Length Constraints: Fixed length of 20.

Pattern: ^[A-Z0-9]{20}$

Required: No


The timestamp when the access key was created.

Type: Timestamp

Required: No


An object that describes the last time the access key was used.


This object does not include data in the response of a CreateBucketAccessKey action. If the access key has not been used, the region and serviceName values are N/A, and the lastUsedDate value is null.

Type: AccessKeyLastUsed object

Required: No


The secret access key used to sign requests.

You should store the secret access key in a safe location. We recommend that you delete the access key if the secret access key is compromised.

Type: String

Pattern: .*\S.*

Required: No


The status of the access key.

A status of Active means that the key is valid, while Inactive means it is not.

Type: String

Valid Values: Active | Inactive

Required: No

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: