Yandex Cloud
  • Services
  • Solutions
  • Why Yandex Cloud
  • Blog
  • Pricing
  • Documentation
  • Contact us
Get started
Language / Region
Yandex project
© 2023 Yandex.Cloud LLC
Yandex Identity and Access Management
  • Getting started
    • How to manage access to resources
    • How to work with service accounts
  • Step-by-step instructions
    • All instructions
    • Handling secrets that are available in the public domain
    • Users
      • Adding users
      • Getting user ID or email
      • Deleting a user
    • Groups of users
      • Creating a group
      • Setting up group access bindings
      • Granting group permissions
    • Service accounts
      • Creating a service account
      • Updating a service account
      • Assigning roles to a service account
      • Setting up access rights for service accounts
      • Creating static access keys
      • Deleting static access keys
      • Getting the service account ID
      • Deleting a service account
    • Roles
      • Assigning roles
      • Viewing assigned roles
      • Revoking roles
    • IAM tokens
      • Getting an IAM token for a Yandex account
      • Getting an IAM token for a service account
      • Getting an IAM token for a federated account
    • Keys
      • Creating API keys
      • Deleting API keys
      • Creating authorized keys
      • Deleting authorized keys
  • Concepts
    • Overview
    • How access management works
      • Overview
      • Roles
      • System groups
      • Resources that roles can be assigned for
    • Authorization
      • Overview
      • IAM token
      • OAuth token
      • API key
      • Authorized keys
      • AWS-compatible access keys
    • Service accounts
    • Identity federations
    • Quotas and limits
  • How to use Yandex Cloud securely
  • Access management
  • Pricing policy
  • API reference
    • Authentication in the API
    • gRPC
      • Overview
      • ApiKeyService
      • IamTokenService
      • KeyService
      • RoleService
      • ServiceAccountService
      • UserAccountService
      • YandexPassportUserAccountService
      • AccessKeyService
      • CertificateService
      • FederationService
      • OperationService
    • REST
      • Overview
      • ApiKey
        • Overview
        • create
        • delete
        • get
        • list
        • listOperations
        • update
      • IamToken
        • Overview
        • create
        • createForServiceAccount
      • Key
        • Overview
        • create
        • delete
        • get
        • list
        • listOperations
        • update
      • Role
        • Overview
        • get
        • list
      • ServiceAccount
        • Overview
        • create
        • delete
        • get
        • list
        • listAccessBindings
        • listOperations
        • setAccessBindings
        • update
        • updateAccessBindings
      • UserAccount
        • Overview
        • get
      • YandexPassportUserAccount
        • Overview
        • getByLogin
      • Operation
        • Overview
        • get
      • AccessKey
        • Overview
        • list
        • get
        • delete
        • update
        • listOperations
        • create
      • Federation
        • Overview
        • list
        • get
        • listUserAccounts
        • delete
        • addUserAccounts
        • update
        • listOperations
        • create
      • Certificate
        • Overview
        • list
        • get
        • delete
        • update
        • listOperations
        • create
  • Questions and answers
    • General questions
    • Logging in and accessing resources
    • All questions on one page
  1. API reference
  2. REST
  3. AccessKey
  4. create

Identity and Access Management API, REST: AccessKey.create

Written by
Yandex Cloud
  • HTTP request
  • Body parameters
  • Response

Creates an access key for the specified service account.

HTTP request

POST https://iam.api.cloud.yandex.net/iam/aws-compatibility/v1/accessKeys

Body parameters

{
  "serviceAccountId": "string",
  "description": "string"
}
Field Description
serviceAccountId string

ID of the service account to create an access key for. To get the service account ID, use a list request. If not specified, it defaults to the subject that made the request.

The maximum string length in characters is 50.

description string

Description of the access key.

The maximum string length in characters is 256.

Response

HTTP Code: 200 - OK

{
  "accessKey": {
    "id": "string",
    "serviceAccountId": "string",
    "createdAt": "string",
    "description": "string",
    "keyId": "string"
  },
  "secret": "string"
}
Field Description
accessKey object

AccessKey resource.

An access key. For more information, see AWS-compatible access keys.

accessKey.
id
string

ID of the AccessKey resource. It is used to manage secret credentials: an access key ID and a secret access key.

accessKey.
serviceAccountId
string

ID of the service account that the access key belongs to.

accessKey.
createdAt
string (date-time)

Creation timestamp.

String in RFC3339 text format. The range of possible values is from 0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z, i.e. from 0 to 9 digits for fractions of a second.

To work with values in this field, use the APIs described in the Protocol Buffers reference. In some languages, built-in datetime utilities do not support nanosecond precision (9 digits).

accessKey.
description
string

Description of the access key. 0-256 characters long.

accessKey.
keyId
string

ID of the access key. The key is AWS compatible.

secret string

Secret access key. The key is AWS compatible.

Was the article helpful?

Language / Region
Yandex project
© 2023 Yandex.Cloud LLC
In this article:
  • HTTP request
  • Body parameters
  • Response