About Access Keys

An access key is an identifier for your account to sign your requests for OUTSCALE Cloud resources.

General Information

An access key is composed of two parts: the access key ID (AK) and its corresponding secret key (SK). These two parts are required when configuring most SDKs (for example, OSC CLI). You can also use them to log in to Cockpit. For more information, see Logging In to Cockpit v2.

If you try to authenticate with an invalid access key four times in a row, while signing requests or logging in to Cockpit, further authentication attempts will be prevented for 1 minute. This lockout time increases 1 minute every four failed attempts, for up to 10 minutes.

An access key is automatically created with your OUTSCALE account. You can create other access keys and delete them, including the automatically created one.

Using Cockpit v2 requires an access key. Therefore, if you use Cockpit v2 to delete your last remaining access key, a new one is automatically created to maintain the session.

However, access keys are not automatically created for new Elastic Identity Management (EIM) users. The root user must create access keys manually for each user.
The root user and EIM users can each have up to 10 access keys. The access keys created for EIM users enable them to sign the requests for which they have permissions, and to log in to Cockpit. For more information, see About EIM Users and Managing Access Keys for EIM Users.

To get your access keys to sign requests, see Getting Information About Your Access Keys.

Access Key States

An access key can be in the two following states:

  • ACTIVE: The state is set to ACTIVE at the creation of the access key, meaning the access key is enabled and can be used to sign your requests.

  • INACTIVE: You can set the access key to INACTIVE. The access key is then disabled and you cannot use it to sign your requests. An INACTIVE access key can be set to ACTIVE again.

You can modify the state of an access key at any time after its creation. For more information, see Modifying an Access Key.

Access Key Age

You can specify an expiration date for your access key, in ISO 8601 basic or extended format (UTC). If you do not specify an expiration date, your access key will not expire.

It is recommended to renew your access key regularly.

Cockpit v2

In Cockpit v2, on the Access keys page, you can see the level of warning of your access keys:

  • IconInformation: Your access key was created more than 3 months ago and should be replaced with a new one.

  • IconWarning: Your access key was created more than 12 months ago and should be replaced with a new one as soon as possible.

Related Pages