class AccessKey (construct)
Language | Type name |
---|---|
.NET | Amazon.CDK.AWS.IAM.AccessKey |
Go | github.com/aws/aws-cdk-go/awscdk/v2/awsiam#AccessKey |
Java | software.amazon.awscdk.services.iam.AccessKey |
Python | aws_cdk.aws_iam.AccessKey |
TypeScript (source) | aws-cdk-lib » aws_iam » AccessKey |
Implements
IConstruct
, IDependable
, IResource
, IAccess
Define a new IAM Access Key.
Example
// Creates a new IAM user, access and secret keys, and stores the secret access key in a Secret.
const user = new iam.User(this, 'User');
const accessKey = new iam.AccessKey(this, 'AccessKey', { user });
const secret = new secretsmanager.Secret(this, 'Secret', {
secretStringValue: accessKey.secretAccessKey,
});
Initializer
new AccessKey(scope: Construct, id: string, props: AccessKeyProps)
Parameters
- scope
Construct
- id
string
- props
Access
Key Props
Construct Props
Name | Type | Description |
---|---|---|
user | IUser | The IAM user this key will belong to. |
serial? | number | A CloudFormation-specific value that signifies the access key should be replaced/rotated. |
status? | Access | The status of the access key. |
user
Type:
IUser
The IAM user this key will belong to.
Changing this value will result in the access key being deleted and a new access key (with a different ID and secret value) being assigned to the new user.
serial?
Type:
number
(optional, default: No serial value)
A CloudFormation-specific value that signifies the access key should be replaced/rotated.
This value can only be incremented. Incrementing this value will cause CloudFormation to replace the Access Key resource.
status?
Type:
Access
(optional, default: The access key is active)
The status of the access key.
An Active access key is allowed to be used to make API calls; An Inactive key cannot.
Properties
Name | Type | Description |
---|---|---|
access | string | The Access Key ID. |
env | Resource | The environment this resource belongs to. |
node | Node | The tree node. |
secret | Secret | The Secret Access Key. |
stack | Stack | The stack in which this resource is defined. |
accessKeyId
Type:
string
The Access Key ID.
env
Type:
Resource
The environment this resource belongs to.
For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.
node
Type:
Node
The tree node.
secretAccessKey
Type:
Secret
The Secret Access Key.
stack
Type:
Stack
The stack in which this resource is defined.
Methods
Name | Description |
---|---|
apply | Apply the given removal policy to this resource. |
to | Returns a string representation of this construct. |
applyRemovalPolicy(policy)
public applyRemovalPolicy(policy: RemovalPolicy): void
Parameters
- policy
Removal
Policy
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY
), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN
).
toString()
public toString(): string
Returns
string
Returns a string representation of this construct.