Modifying an Access Key

You can modify the state of an access key to define whether you can use it to sign a request or not, and its expiration date. For more information, see About Access Keys.

Modifying an Access Key Using Cockpit v2

  1. In the top right corner, click the IconProfil icon.
    A drop-down menu appears.

  2. Click IconUserKey Access Keys.
    The list of your access keys appears.

  3. Select the access key you want to modify.
    The access key is selected.

  4. Click IconEdit Update.
    The UPDATE ACCESS KEY dialog box appears.

  5. (optional) From the list, select one of the following values:

    • Active: The access key is enabled and can be used to send requests.

    • Inactive: The access key is disabled.

  6. (optional) Select or specify the date and time at which you want your access key to expire.

  7. Click Update.
    The access key is modified.

Modifying an Access Key Using OSC CLI

The UpdateAccessKey command modifies the attributes of the specified access key of either your root account or an EIM user.

The parameter ExpirationDate is not required when updating the state of your access key. However, if you do not specify the expiration date of an access key when updating its state, it is then set to not expire.

Request sample: Updating the expiration date of the access key
$ osc-cli api UpdateAccessKey --profile "default" \
    --AccessKeyId "ABCDEFGHIJ0123456789" \
    --State "ACTIVE" \
    --ExpirationDate "2063-04-05"
Request sample: Updating the state of one of your own access keys (if you are the root account or an EIM user)
$ osc-cli api UpdateAccessKey --profile "default" \
    --AccessKeyId "ABCDEFGHIJ0123456789" \
    --State "ACTIVE"
Request sample: Updating the access key of a specific EIM user
$ osc-cli api UpdateAccessKey --profile "default" \
    --AccessKeyId "ABCDEFGHIJ0123456789" \
    --State "ACTIVE" \
    --UserName "example-user"
Request sample: Example with login/password authentication
$ osc-cli api UpdateAccessKey --profile "default" --authentication-method "password" --login "$OSC_EMAIL" --password "$OSC_PASSWORD" \
    --AccessKeyId "ABCDEFGHIJ0123456789" \
    --State "ACTIVE" \
    --UserName "example-user"

This command contains the following attributes that you need to specify:

  • AccessKeyId: The ID of the access key.

  • DryRun: (optional) If true, checks whether you have the required permissions to perform the action.

  • ExpirationDate: (optional) The date and time, or the date, at which you want the access key to expire, in ISO 8601 format (for example, 2020-06-14T00:00:00.000Z or 2020-06-14). If not specified, the access key is set to not expire.

  • State: The new state for the access key (ACTIVE | INACTIVE). When set to ACTIVE, the access key is enabled and can be used to send requests. When set to INACTIVE, the access key is disabled.

  • UserName: (optional) The name of the EIM user that the access key you want to modify is associated with. If you do not specify a user name, this action modifies the access key of the user who sends the request (which can be the root account).

The UpdateAccessKey command returns the following elements:

  • AccessKey: Information about the access key.

    • AccessKeyId: The ID of the access key.

    • CreationDate: The date and time (UTC) at which the access key was created.

    • ExpirationDate: The date and time (UTC) at which the access key expires.

    • LastModificationDate: The date and time (UTC) at which the access key was last modified.

    • State: The state of the access key (ACTIVE if the key is valid for API calls, or INACTIVE if not).

    • Tag: The tag added to the access key.

  • ResponseContext: Information about the context of the response.

    • RequestId: The ID of the request.

Result sample: Updating an access key when using the parameter ExpirationDate
{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "AccessKey": {
    "State": "ACTIVE",
    "AccessKeyId": "ABCDEFGHIJ0123456789",
    "CreationDate": "2010-10-01T12:34:56.789+0000",
    "ExpirationDate": "2063-04-05T00:00:00.000+0000",
    "LastModificationDate": "2017-05-10T12:34:56.789+0000",
    "Tag": "Group1"
  }
}
Result sample: Updating an access key when not using the parameter ExpirationDate
{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "AccessKey": {
    "State": "ACTIVE",
    "AccessKeyId": "ABCDEFGHIJ0123456789",
    "CreationDate": "2010-10-01T12:34:56.789+0000",
    "LastModificationDate": "2017-05-10T12:34:56.789+0000",
    "Tag": "Group1"
  }
}

Modifying an Access Key Using oapi-cli

The UpdateAccessKey command modifies the attributes of the specified access key of either your root account or an EIM user.

The parameter ExpirationDate is not required when updating the state of your access key. However, if you do not specify the expiration date of an access key when updating its state, it is then set to not expire.

Request sample: Updating the expiration date of the access key
$ oapi-cli --profile "default" UpdateAccessKey \
    --AccessKeyId "ABCDEFGHIJ0123456789" \
    --State "ACTIVE" \
    --ExpirationDate "2063-04-05"
Request sample: Updating the state of one of your own access keys (if you are the root account or an EIM user)
$ oapi-cli --profile "default" UpdateAccessKey \
    --AccessKeyId "ABCDEFGHIJ0123456789" \
    --State "ACTIVE"
Request sample: Updating the access key of a specific EIM user
$ oapi-cli --profile "default" UpdateAccessKey \
    --AccessKeyId "ABCDEFGHIJ0123456789" \
    --State "ACTIVE" \
    --UserName "example-user"
Request sample: Example with login/password authentication
$ oapi-cli --profile "default" --login "$OSC_EMAIL" --password "$OSC_PASSWORD" UpdateAccessKey \
    --AccessKeyId "ABCDEFGHIJ0123456789" \
    --State "ACTIVE" \
    --UserName "example-user"

This command contains the following attributes that you need to specify:

  • AccessKeyId: The ID of the access key.

  • DryRun: (optional) If true, checks whether you have the required permissions to perform the action.

  • ExpirationDate: (optional) The date and time, or the date, at which you want the access key to expire, in ISO 8601 format (for example, 2020-06-14T00:00:00.000Z or 2020-06-14). If not specified, the access key is set to not expire.

  • State: The new state for the access key (ACTIVE | INACTIVE). When set to ACTIVE, the access key is enabled and can be used to send requests. When set to INACTIVE, the access key is disabled.

  • UserName: (optional) The name of the EIM user that the access key you want to modify is associated with. If you do not specify a user name, this action modifies the access key of the user who sends the request (which can be the root account).

The UpdateAccessKey command returns the following elements:

  • AccessKey: Information about the access key.

    • AccessKeyId: The ID of the access key.

    • CreationDate: The date and time (UTC) at which the access key was created.

    • ExpirationDate: The date and time (UTC) at which the access key expires.

    • LastModificationDate: The date and time (UTC) at which the access key was last modified.

    • State: The state of the access key (ACTIVE if the key is valid for API calls, or INACTIVE if not).

    • Tag: The tag added to the access key.

  • ResponseContext: Information about the context of the response.

    • RequestId: The ID of the request.

Result sample: Updating an access key when using the parameter ExpirationDate
{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "AccessKey": {
    "State": "ACTIVE",
    "AccessKeyId": "ABCDEFGHIJ0123456789",
    "CreationDate": "2010-10-01T12:34:56.789+0000",
    "ExpirationDate": "2063-04-05T00:00:00.000+0000",
    "LastModificationDate": "2017-05-10T12:34:56.789+0000",
    "Tag": "Group1"
  }
}
Result sample: Updating an access key when not using the parameter ExpirationDate
{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "AccessKey": {
    "State": "ACTIVE",
    "AccessKeyId": "ABCDEFGHIJ0123456789",
    "CreationDate": "2010-10-01T12:34:56.789+0000",
    "LastModificationDate": "2017-05-10T12:34:56.789+0000",
    "Tag": "Group1"
  }
}

Related Pages

Corresponding API Method

Export to PDF