How to create a secret access key for an AWS IAM user with the CLI

To create a new AWS secret access key and corresponding AWS access key ID for a specified user, you can use the create-access-key CLI command.

In the terminal, enter the following to create an access key for the user named Bob in the current account.

aws iam create-access-key --user-name Bob

Output:

{
    "AccessKey": {
        "UserName": "Bob",
        "Status": "Active",
        "CreateDate": "2015-03-09T18:39:23.411Z",
        "SecretAccessKey": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYzEXAMPLEKEY",
        "AccessKeyId": "AKIAIOSFODNN7EXAMPLE"
    }
}

The user must exist before you can create the access key. For more information, see How to create an AWS IAM User with the CLI.

Note: Store the secret access key in a secure location. If it is lost, it cannot be recovered, and you must create a new access key.

The create-access-key command accepts additional options. If you do not specify the --user-name, IAM determines the user name implicitly based on the AWS access key ID signing the request.

create-access-key
  --user-name <value> //optional
  --cli-input-json | --cli-input-yaml //optional
  --generate-cli-skeleton <value> //optional
  --cli-auto-prompt <value> //optional

For more information about the command and the additional options, see create-access-key in the official AWS CLI Command reference.

Note: For this example to work, you need to install and configure the AWS CLI first.

Cloud Security for Busy Developers

Cloud Security for Busy Developers

How to create a secret access key for an AWS IAM user with the CLI