get_bucket_access_keys

get_bucket_access_keys(**kwargs)

Returns the existing access key IDs for the specified Amazon Lightsail bucket.

Warning

This action does not return the secret access key value of an access key. You can get a secret access key only when you create it from the response of the CreateBucketAccessKey action. If you lose the secret access key, you must create a new access key.

See also: AWS API Documentation

Request Syntax

response = client.get_bucket_access_keys(
    bucketName='string'
)
Parameters
bucketName (string) --

[REQUIRED]

The name of the bucket for which to return access keys.

Return type
dict
Returns
Response Syntax
{
    'accessKeys': [
        {
            'accessKeyId': 'string',
            'secretAccessKey': 'string',
            'status': 'Active'|'Inactive',
            'createdAt': datetime(2015, 1, 1),
            'lastUsed': {
                'lastUsedDate': datetime(2015, 1, 1),
                'region': 'string',
                'serviceName': 'string'
            }
        },
    ]
}

Response Structure

  • (dict) --
    • accessKeys (list) --

      An object that describes the access keys for the specified bucket.

      • (dict) --

        Describes an access key for an Amazon Lightsail bucket.

        Access keys grant full programmatic access to the specified bucket and its objects. You can have a maximum of two access keys per bucket. Use the CreateBucketAccessKey action to create an access key for a specific bucket. For more information about access keys, see Creating access keys for a bucket in Amazon Lightsail in the Amazon Lightsail Developer Guide .

        Warning

        The secretAccessKey value is returned only in response to the CreateBucketAccessKey action. You can get a secret access key only when you first create an access key; you cannot get the secret access key later. If you lose the secret access key, you must create a new access key.

        • accessKeyId (string) --

          The ID of the access key.

        • secretAccessKey (string) --

          The secret access key used to sign requests.

          You should store the secret access key in a safe location. We recommend that you delete the access key if the secret access key is compromised.

        • status (string) --

          The status of the access key.

          A status of Active means that the key is valid, while Inactive means it is not.

        • createdAt (datetime) --

          The timestamp when the access key was created.

        • lastUsed (dict) --

          An object that describes the last time the access key was used.

          Note

          This object does not include data in the response of a CreateBucketAccessKey action. If the access key has not been used, the region and serviceName values are N/A , and the lastUsedDate value is null.

          • lastUsedDate (datetime) --

            The date and time when the access key was most recently used.

            This value is null if the access key has not been used.

          • region (string) --

            The Amazon Web Services Region where this access key was most recently used.

            This value is N/A if the access key has not been used.

          • serviceName (string) --

            The name of the Amazon Web Services service with which this access key was most recently used.

            This value is N/A if the access key has not been used.

Exceptions

  • Lightsail.Client.exceptions.AccessDeniedException
  • Lightsail.Client.exceptions.InvalidInputException
  • Lightsail.Client.exceptions.NotFoundException
  • Lightsail.Client.exceptions.ServiceException
  • Lightsail.Client.exceptions.UnauthenticatedException