Creating an EIM Access Key

You can create access keys for a specified user to enable them to access the resources they are allowed to. You can create up to two EIM access keys per user in your account.

This action generates both an access key ID and a secret key ID for the user to sign API requests. For more information, see About EIM Users > Users Credentials.

You can use this action for access keys associated with the root user. Therefore, you can use it to manage root credentials even if the OUTSCALE account has no associated EIM users.

Creating an EIM Access Key Using Cockpit

  1. Hover over your name.
    A drop-down menu appears.

  2. Click Users and Policies Management .

  3. In the EIM navigation panel, click Users.
    The Users page appears.

  4. Click the user for which you want to create an access key.
    The user is selected.

  5. Click Create AK .
    The GENERATE ACCESS KEY dialog box appears.

  6. Click Generate to validate.
    The access key is created and appears on the Users page.
    A file containing its secret key is automatically downloaded.

Creating an EIM Access Key Using AWS CLI

To create a new access key for a user, use the create-access-key command following this syntax:

Request sample
$ aws iam create-access-key \
    --profile YOUR_PROFILE \
    --user-name USER_NAME \

This command contains the following attributes that you need to specify:

  • (optional) profile: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI.

  • user-name: The common name of the user.

  • endpoint: The endpoint corresponding to the Region you want to send the request to.

The create-access-keys command returns the following elements:

  • AccessKey: Information about the newly created access key. This element contains the following information:

    • UserName: The name of the user the access key is associated with.

    • Status: The state of the access key. For more information, see About EIM Users > Users Credentials or Modifying the State of an EIM Access Key.

    • CreateDate: The date and time of the access key creation.

    • SecretAccessKey: The secret access key to sign requests.

      For security reasons, the secret access key is only available when creating it. Save it carefully as you will not be able to retrieve it later.

      If you lose the secret access key, you can delete it and must create a new one for the user.

    • AccessKeyId: The ID of the access key.

Result sample
    "AccessKey": {
        "UserName": "orn:ows:idauth::123456789012:user/User_Name",
        "Status": "Active",
        "CreateDate": "2016-05-12T14:58:06.364Z",
        "SecretAccessKey": "aBcdeFGhiJKLM/N1OPQRS/tuVWxYzABcDEFGHIJKLM",
        "AccessKeyId": "NOPQR2STUVWX3YZABCDE"

The access key is created and associated with the specified user.

Related Pages

Corresponding API Method

AWS™ and Amazon Web Services™ are trademarks of Amazon Technologies, Inc or its affiliates in the United States and/or other countries.