list_access_keys
(**kwargs)¶Returns information about the access key IDs associated with the specified IAM user. If there is none, the operation returns an empty list.
Although each user is limited to a small number of keys, you can still paginate the results using the MaxItems
and Marker
parameters.
If the UserName
is not specified, the user name is determined implicitly based on the Amazon Web Services access key ID used to sign the request. If a temporary access key is used, then UserName
is required. If a long-term key is assigned to the user, then UserName
is not required. This operation works for access keys under the Amazon Web Services account. Consequently, you can use this operation to manage Amazon Web Services account root user credentials even if the Amazon Web Services account has no associated users.
Note
To ensure the security of your Amazon Web Services account, the secret access key is accessible only during key and user creation.
See also: AWS API Documentation
Request Syntax
response = client.list_access_keys(
UserName='string',
Marker='string',
MaxItems=123
)
The name of the user.
This parameter allows (through its regex pattern ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-
Marker
element in the response that you received to indicate where the next call should start.Use this only when paginating results to indicate the maximum number of items you want in the response. If additional items exist beyond the maximum you specify, the IsTruncated
response element is true
.
If you do not include this parameter, the number of items defaults to 100. Note that IAM might return fewer results, even when there are more results available. In that case, the IsTruncated
response element returns true
, and Marker
contains a value to include in the subsequent call that tells the service where to continue from.
dict
Response Syntax
{
'AccessKeyMetadata': [
{
'UserName': 'string',
'AccessKeyId': 'string',
'Status': 'Active'|'Inactive',
'CreateDate': datetime(2015, 1, 1)
},
],
'IsTruncated': True|False,
'Marker': 'string'
}
Response Structure
(dict) --
Contains the response to a successful ListAccessKeys request.
AccessKeyMetadata (list) --
A list of objects containing metadata about the access keys.
(dict) --
Contains information about an Amazon Web Services access key, without its secret key.
This data type is used as a response element in the ListAccessKeys operation.
UserName (string) --
The name of the IAM user that the key is associated with.
AccessKeyId (string) --
The ID for this access key.
Status (string) --
The status of the access key. Active
means that the key is valid for API calls; Inactive
means it is not.
CreateDate (datetime) --
The date when the access key was created.
IsTruncated (boolean) --
A flag that indicates whether there are more items to return. If your results were truncated, you can make a subsequent pagination request using the Marker
request parameter to retrieve more items. Note that IAM might return fewer than the MaxItems
number of results even when there are more results available. We recommend that you check IsTruncated
after every call to ensure that you receive all your results.
Marker (string) --
When IsTruncated
is true
, this element is present and contains the value to use for the Marker
parameter in a subsequent pagination request.
Exceptions
IAM.Client.exceptions.NoSuchEntityException
IAM.Client.exceptions.ServiceFailureException
Examples
The following command lists the access keys IDs for the IAM user named Alice.
response = client.list_access_keys(
UserName='Alice',
)
print(response)
Expected Output:
{
'AccessKeyMetadata': [
{
'AccessKeyId': 'AKIA111111111EXAMPLE',
'CreateDate': datetime(2016, 12, 1, 22, 19, 58, 3, 336, 0),
'Status': 'Active',
'UserName': 'Alice',
},
{
'AccessKeyId': 'AKIA222222222EXAMPLE',
'CreateDate': datetime(2016, 12, 1, 22, 20, 1, 3, 336, 0),
'Status': 'Active',
'UserName': 'Alice',
},
],
'ResponseMetadata': {
'...': '...',
},
}