Modifying an EIM Access Key

You can modify the state of an access key to Active or Inactive to enable or disable it for API requests. For more information, see About EIM Users > Users Credentials.

You can also modify the date and time at which you want an access key to expire.

You can use this action for access keys associated with the root user. Therefore, you can use it to manage root credentials even if the OUTSCALE account has no associated EIM users.

Modifying an EIM Access Key Using Cockpit v2

  1. In the EIM Users dashboard, click the IconView details icon of the EIM user for which you want to modify an access key.
    The EIM user details panel appears.

  2. Select the access key you want to modify.
    The access key is selected.

  3. Click IconEdit Update.
    The UPDATE ACCESS KEY dialog box appears.

  4. (optional) From the list, select one of the following values:

    • Active: The access key is enabled and can be used to send requests.

    • Inactive: The access key is disabled.

  5. (optional) Select or specify the date and time at which you want your access key to expire.

  6. Click Update.
    The EIM access key is modified.

Modifying an EIM Access Key Using OSC CLI

The UpdateAccessKey command modifies the attributes of the specified access key of either your root account or an EIM user.

Request sample: Updating the expiration date of the access key
$ osc-cli api UpdateAccessKey --profile "default" \
    --AccessKeyId "ABCDEFGHIJ0123456789" \
    --State "ACTIVE" \
    --ExpirationDate "2063-04-05"
Request sample: Updating one of your own access keys (if you are the root account or an EIM user)
$ osc-cli api UpdateAccessKey --profile "default" \
    --AccessKeyId "ABCDEFGHIJ0123456789" \
    --State "ACTIVE"
Request sample: Updating the access key of a specific EIM user
$ osc-cli api UpdateAccessKey --profile "default" \
    --AccessKeyId "ABCDEFGHIJ0123456789" \
    --State "ACTIVE" \
    --UserName "example-user"
Request sample: Example with login/password authentication
$ osc-cli api UpdateAccessKey --profile "default" --authentication-method "password" --login "$OSC_EMAIL" --password "$OSC_PASSWORD" \
    --AccessKeyId "ABCDEFGHIJ0123456789" \
    --State "ACTIVE" \
    --UserName "example-user"

This command contains the following attributes that you need to specify:

  • AccessKeyId: The ID of the access key.

  • DryRun: (optional) If true, checks whether you have the required permissions to perform the action.

  • ExpirationDate: (optional) The date and time, or the date, at which you want the access key to expire, in ISO 8601 format (for example, 2020-06-14T00:00:00.000Z or 2020-06-14). If not specified, the access key is set to not expire.

  • State: The new state for the access key (ACTIVE | INACTIVE). When set to ACTIVE, the access key is enabled and can be used to send requests. When set to INACTIVE, the access key is disabled.

  • UserName: (optional) The name of the EIM user that the access key you want to modify is associated with. If you do not specify a user name, this action modifies the access key of the user who sends the request (which can be the root account).

The UpdateAccessKey command returns the following elements:

  • AccessKey: Information about the access key.

    • AccessKeyId: The ID of the access key.

    • CreationDate: The date and time (UTC) at which the access key was created.

    • ExpirationDate: The date and time (UTC) at which the access key expires.

    • LastModificationDate: The date and time (UTC) at which the access key was last modified.

    • State: The state of the access key (ACTIVE if the key is valid for API calls, or INACTIVE if not).

  • ResponseContext: Information about the context of the response.

    • RequestId: The ID of the request.

Result sample
{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "AccessKey": {
    "State": "ACTIVE",
    "AccessKeyId": "ABCDEFGHIJ0123456789",
    "CreationDate": "2010-10-01T12:34:56.789+0000",
    "ExpirationDate": "2063-04-05T00:00:00.000+0000",
    "LastModificationDate": "2017-05-10T12:34:56.789+0000"
  }
}

Modifying an EIM Access Key Using oapi-cli

The UpdateAccessKey command modifies the attributes of the specified access key of either your root account or an EIM user.

Request sample: Updating the expiration date of the access key
$ oapi-cli --profile "default" UpdateAccessKey \
    --AccessKeyId "ABCDEFGHIJ0123456789" \
    --State "ACTIVE" \
    --ExpirationDate "2063-04-05"
Request sample: Updating one of your own access keys (if you are the root account or an EIM user)
$ oapi-cli --profile "default" UpdateAccessKey \
    --AccessKeyId "ABCDEFGHIJ0123456789" \
    --State "ACTIVE"
Request sample: Updating the access key of a specific EIM user
$ oapi-cli --profile "default" UpdateAccessKey \
    --AccessKeyId "ABCDEFGHIJ0123456789" \
    --State "ACTIVE" \
    --UserName "example-user"
Request sample: Example with login/password authentication
$ oapi-cli --profile "default" --login "$OSC_EMAIL" --password "$OSC_PASSWORD" UpdateAccessKey \
    --AccessKeyId "ABCDEFGHIJ0123456789" \
    --State "ACTIVE" \
    --UserName "example-user"

This command contains the following attributes that you need to specify:

  • AccessKeyId: The ID of the access key.

  • DryRun: (optional) If true, checks whether you have the required permissions to perform the action.

  • ExpirationDate: (optional) The date and time, or the date, at which you want the access key to expire, in ISO 8601 format (for example, 2020-06-14T00:00:00.000Z or 2020-06-14). If not specified, the access key is set to not expire.

  • State: The new state for the access key (ACTIVE | INACTIVE). When set to ACTIVE, the access key is enabled and can be used to send requests. When set to INACTIVE, the access key is disabled.

  • UserName: (optional) The name of the EIM user that the access key you want to modify is associated with. If you do not specify a user name, this action modifies the access key of the user who sends the request (which can be the root account).

The UpdateAccessKey command returns the following elements:

  • AccessKey: Information about the access key.

    • AccessKeyId: The ID of the access key.

    • CreationDate: The date and time (UTC) at which the access key was created.

    • ExpirationDate: The date and time (UTC) at which the access key expires.

    • LastModificationDate: The date and time (UTC) at which the access key was last modified.

    • State: The state of the access key (ACTIVE if the key is valid for API calls, or INACTIVE if not).

  • ResponseContext: Information about the context of the response.

    • RequestId: The ID of the request.

Result sample
{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "AccessKey": {
    "State": "ACTIVE",
    "AccessKeyId": "ABCDEFGHIJ0123456789",
    "CreationDate": "2010-10-01T12:34:56.789+0000",
    "ExpirationDate": "2063-04-05T00:00:00.000+0000",
    "LastModificationDate": "2017-05-10T12:34:56.789+0000"
  }
}

Modifying the State of an EIM Access Key Using AWS CLI

Before you begin: Install and configure AWS CLI. For more information, see Installing and Configuring AWS CLI.

To modify the state of an access key, use the update-access-key command following this syntax:

Request sample
$ aws iam update-access-key \
    --profile YOUR_PROFILE \
    --user-name USER_NAME \
    --access-key-id NOPQR2STUVWX3YZABCDE \
    --status Inactive \
    --endpoint https://eim.eu-west-2.outscale.com

This command contains the following attributes that you need to specify:

  • (optional) profile: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI.

  • (optional) user-name: The name of the user.

    If you do not specify a user name, this action modifies the state of an access key associated with the user who sends the request.

  • access-key-id: The ID of the access key.

  • status: The new state for the access key (Active | Inactive).

  • endpoint: The endpoint corresponding to the Region you want to send the request to. For more information, see Installing and Configuring AWS CLI.

The state of the specified access key is modified.

Related Pages

Corresponding API Methods

AWS™ and Amazon Web Services™ are trademarks of Amazon Technologies, Inc or its affiliates in the United States and/or other countries.