aws-cdk-lib.aws_iam.AccessKey

class AccessKey (construct)

LanguageType name
.NETAmazon.CDK.AWS.IAM.AccessKey
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsiam#AccessKey
Javasoftware.amazon.awscdk.services.iam.AccessKey
Pythonaws_cdk.aws_iam.AccessKey
TypeScript (source)aws-cdk-lib » aws_iam » AccessKey

Implements IConstruct, IDependable, IResource, IAccessKey

Define a new IAM Access Key.

Example

// Creates a new IAM user, access and secret keys, and stores the secret access key in a Secret.
const user = new iam.User(this, 'User');
const accessKey = new iam.AccessKey(this, 'AccessKey', { user });
const secret = new secretsmanager.Secret(this, 'Secret', {
    secretStringValue: accessKey.secretAccessKey,
});

Initializer

new AccessKey(scope: Construct, id: string, props: AccessKeyProps)

Parameters

  • scope Construct
  • id string
  • props AccessKeyProps

Construct Props

NameTypeDescription
userIUserThe IAM user this key will belong to.
serial?numberA CloudFormation-specific value that signifies the access key should be replaced/rotated.
status?AccessKeyStatusThe status of the access key.

user

Type: IUser

The IAM user this key will belong to.

Changing this value will result in the access key being deleted and a new access key (with a different ID and secret value) being assigned to the new user.


serial?

Type: number (optional, default: No serial value)

A CloudFormation-specific value that signifies the access key should be replaced/rotated.

This value can only be incremented. Incrementing this value will cause CloudFormation to replace the Access Key resource.


status?

Type: AccessKeyStatus (optional, default: The access key is active)

The status of the access key.

An Active access key is allowed to be used to make API calls; An Inactive key cannot.

Properties

NameTypeDescription
accessKeyIdstringThe Access Key ID.
envResourceEnvironmentThe environment this resource belongs to.
nodeNodeThe tree node.
secretAccessKeySecretValueThe Secret Access Key.
stackStackThe stack in which this resource is defined.

accessKeyId

Type: string

The Access Key ID.


env

Type: ResourceEnvironment

The environment this resource belongs to.

For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.


node

Type: Node

The tree node.


secretAccessKey

Type: SecretValue

The Secret Access Key.


stack

Type: Stack

The stack in which this resource is defined.

Methods

NameDescription
applyRemovalPolicy(policy)Apply the given removal policy to this resource.
toString()Returns a string representation of this construct.

applyRemovalPolicy(policy)

public applyRemovalPolicy(policy: RemovalPolicy): void

Parameters

  • policy RemovalPolicy

Apply the given removal policy to this resource.

The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.

The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS account for data recovery and cleanup later (RemovalPolicy.RETAIN).


toString()

public toString(): string

Returns

  • string

Returns a string representation of this construct.