Lightsail / Client / create_bucket_access_key

create_bucket_access_key#

Lightsail.Client.create_bucket_access_key(**kwargs)#

Creates a new access key for the specified Amazon Lightsail bucket. Access keys consist of an access key ID and corresponding secret access key.

Access keys grant full programmatic access to the specified bucket and its objects. You can have a maximum of two access keys per bucket. Use the GetBucketAccessKeys action to get a list of current access keys for a specific bucket. For more information about access keys, see Creating access keys for a bucket in Amazon Lightsail in the Amazon Lightsail Developer Guide .

Warning

The secretAccessKey value is returned only in response to the CreateBucketAccessKey action. You can get a secret access key only when you first create an access key; you cannot get the secret access key later. If you lose the secret access key, you must create a new access key.

See also: AWS API Documentation

Request Syntax

response = client.create_bucket_access_key(
    bucketName='string'
)
Parameters:

bucketName (string) –

[REQUIRED]

The name of the bucket that the new access key will belong to, and grant access to.

Return type:

dict

Returns:

Response Syntax

{
    'accessKey': {
        'accessKeyId': 'string',
        'secretAccessKey': 'string',
        'status': 'Active'|'Inactive',
        'createdAt': datetime(2015, 1, 1),
        'lastUsed': {
            'lastUsedDate': datetime(2015, 1, 1),
            'region': 'string',
            'serviceName': 'string'
        }
    },
    'operations': [
        {
            'id': 'string',
            'resourceName': 'string',
            'resourceType': 'ContainerService'|'Instance'|'StaticIp'|'KeyPair'|'InstanceSnapshot'|'Domain'|'PeeredVpc'|'LoadBalancer'|'LoadBalancerTlsCertificate'|'Disk'|'DiskSnapshot'|'RelationalDatabase'|'RelationalDatabaseSnapshot'|'ExportSnapshotRecord'|'CloudFormationStackRecord'|'Alarm'|'ContactMethod'|'Distribution'|'Certificate'|'Bucket',
            'createdAt': datetime(2015, 1, 1),
            'location': {
                'availabilityZone': 'string',
                'regionName': 'us-east-1'|'us-east-2'|'us-west-1'|'us-west-2'|'eu-west-1'|'eu-west-2'|'eu-west-3'|'eu-central-1'|'ca-central-1'|'ap-south-1'|'ap-southeast-1'|'ap-southeast-2'|'ap-northeast-1'|'ap-northeast-2'|'eu-north-1'
            },
            'isTerminal': True|False,
            'operationDetails': 'string',
            'operationType': 'DeleteKnownHostKeys'|'DeleteInstance'|'CreateInstance'|'StopInstance'|'StartInstance'|'RebootInstance'|'OpenInstancePublicPorts'|'PutInstancePublicPorts'|'CloseInstancePublicPorts'|'AllocateStaticIp'|'ReleaseStaticIp'|'AttachStaticIp'|'DetachStaticIp'|'UpdateDomainEntry'|'DeleteDomainEntry'|'CreateDomain'|'DeleteDomain'|'CreateInstanceSnapshot'|'DeleteInstanceSnapshot'|'CreateInstancesFromSnapshot'|'CreateLoadBalancer'|'DeleteLoadBalancer'|'AttachInstancesToLoadBalancer'|'DetachInstancesFromLoadBalancer'|'UpdateLoadBalancerAttribute'|'CreateLoadBalancerTlsCertificate'|'DeleteLoadBalancerTlsCertificate'|'AttachLoadBalancerTlsCertificate'|'CreateDisk'|'DeleteDisk'|'AttachDisk'|'DetachDisk'|'CreateDiskSnapshot'|'DeleteDiskSnapshot'|'CreateDiskFromSnapshot'|'CreateRelationalDatabase'|'UpdateRelationalDatabase'|'DeleteRelationalDatabase'|'CreateRelationalDatabaseFromSnapshot'|'CreateRelationalDatabaseSnapshot'|'DeleteRelationalDatabaseSnapshot'|'UpdateRelationalDatabaseParameters'|'StartRelationalDatabase'|'RebootRelationalDatabase'|'StopRelationalDatabase'|'EnableAddOn'|'DisableAddOn'|'PutAlarm'|'GetAlarms'|'DeleteAlarm'|'TestAlarm'|'CreateContactMethod'|'GetContactMethods'|'SendContactMethodVerification'|'DeleteContactMethod'|'CreateDistribution'|'UpdateDistribution'|'DeleteDistribution'|'ResetDistributionCache'|'AttachCertificateToDistribution'|'DetachCertificateFromDistribution'|'UpdateDistributionBundle'|'SetIpAddressType'|'CreateCertificate'|'DeleteCertificate'|'CreateContainerService'|'UpdateContainerService'|'DeleteContainerService'|'CreateContainerServiceDeployment'|'CreateContainerServiceRegistryLogin'|'RegisterContainerImage'|'DeleteContainerImage'|'CreateBucket'|'DeleteBucket'|'CreateBucketAccessKey'|'DeleteBucketAccessKey'|'UpdateBucketBundle'|'UpdateBucket'|'SetResourceAccessForBucket'|'UpdateInstanceMetadataOptions'|'StartGUISession'|'StopGUISession',
            'status': 'NotStarted'|'Started'|'Failed'|'Completed'|'Succeeded',
            'statusChangedAt': datetime(2015, 1, 1),
            'errorCode': 'string',
            'errorDetails': 'string'
        },
    ]
}

Response Structure

  • (dict) –

    • accessKey (dict) –

      An object that describes the access key that is created.

      • accessKeyId (string) –

        The ID of the access key.

      • secretAccessKey (string) –

        The secret access key used to sign requests.

        You should store the secret access key in a safe location. We recommend that you delete the access key if the secret access key is compromised.

      • status (string) –

        The status of the access key.

        A status of Active means that the key is valid, while Inactive means it is not.

      • createdAt (datetime) –

        The timestamp when the access key was created.

      • lastUsed (dict) –

        An object that describes the last time the access key was used.

        Note

        This object does not include data in the response of a CreateBucketAccessKey action. If the access key has not been used, the region and serviceName values are N/A , and the lastUsedDate value is null.

        • lastUsedDate (datetime) –

          The date and time when the access key was most recently used.

          This value is null if the access key has not been used.

        • region (string) –

          The Amazon Web Services Region where this access key was most recently used.

          This value is N/A if the access key has not been used.

        • serviceName (string) –

          The name of the Amazon Web Services service with which this access key was most recently used.

          This value is N/A if the access key has not been used.

    • operations (list) –

      An array of objects that describe the result of the action, such as the status of the request, the timestamp of the request, and the resources affected by the request.

      • (dict) –

        Describes the API operation.

        • id (string) –

          The ID of the operation.

        • resourceName (string) –

          The resource name.

        • resourceType (string) –

          The resource type.

        • createdAt (datetime) –

          The timestamp when the operation was initialized (e.g., 1479816991.349 ).

        • location (dict) –

          The Amazon Web Services Region and Availability Zone.

          • availabilityZone (string) –

            The Availability Zone. Follows the format us-east-2a (case-sensitive).

          • regionName (string) –

            The Amazon Web Services Region name.

        • isTerminal (boolean) –

          A Boolean value indicating whether the operation is terminal.

        • operationDetails (string) –

          Details about the operation (e.g., Debian-1GB-Ohio-1 ).

        • operationType (string) –

          The type of operation.

        • status (string) –

          The status of the operation.

        • statusChangedAt (datetime) –

          The timestamp when the status was changed (e.g., 1479816991.349 ).

        • errorCode (string) –

          The error code.

        • errorDetails (string) –

          The error details.

Exceptions

  • Lightsail.Client.exceptions.AccessDeniedException

  • Lightsail.Client.exceptions.NotFoundException

  • Lightsail.Client.exceptions.InvalidInputException

  • Lightsail.Client.exceptions.ServiceException

  • Lightsail.Client.exceptions.UnauthenticatedException