Resource: aws_iam_access_key

Provides an IAM access key. This is a set of credentials that allow API requests to be made as an IAM user.

Example Usage

resource "aws_iam_access_key" "lb" {
  user    = aws_iam_user.lb.name
  pgp_key = "keybase:some_person_that_exists"
}

resource "aws_iam_user" "lb" {
  name = "loadbalancer"
  path = "/system/"
}

data "aws_iam_policy_document" "lb_ro" {
  statement {
    effect    = "Allow"
    actions   = ["ec2:Describe*"]
    resources = ["*"]
  }
}

resource "aws_iam_user_policy" "lb_ro" {
  name   = "test"
  user   = aws_iam_user.lb.name
  policy = data.aws_iam_policy_document.lb_ro.json
}

output "secret" {
  value = aws_iam_access_key.lb.encrypted_secret
}
resource "aws_iam_user" "test" {
  name = "test"
  path = "/test/"
}

resource "aws_iam_access_key" "test" {
  user = aws_iam_user.test.name
}

output "aws_iam_smtp_password_v4" {
  value = aws_iam_access_key.test.ses_smtp_password_v4
}

Argument Reference

This resource supports the following arguments:

Attribute Reference

This resource exports the following attributes in addition to the arguments above:

Import

In Terraform v1.5.0 and later, use an import block to import IAM Access Keys using the identifier. For example:

import {
  to = aws_iam_access_key.example
  id = "AKIA1234567890"
}

Using terraform import, import IAM Access Keys using the identifier. For example:

% terraform import aws_iam_access_key.example AKIA1234567890

Resource attributes such as encrypted_secret, key_fingerprint, pgp_key, secret, ses_smtp_password_v4, and encrypted_ses_smtp_password_v4 are not available for imported resources as this information cannot be read from the IAM API.