Tag Archives: deactivate access keys in aws

Create access keys in AWS

Learn how to create access keys in AWS with screenshots. Also see how to make access key active, inactive, and delete.

Access keys in AWS

Security is a top priority when you are using cloud services. Username/password is a primitive form of security we used for account security. Since technology has evolved and automation took over the day-to-day activities, manual work has been transformed into API calls. Many things get their work done by making API calls to respected services.

In the cloud, once service gets connected to another service with API Calls. API calls also need to get authenticated across services so that your cloud infra stays secure. For that AWS uses access keys that can be supplied to source service to get it authenticated at destination service and complete API calls. Now, the question is where are my access keys in AWS? Where to create access keys in AWS? In this article we will see how to create, make active, make inactive, and delete access keys in AWS.

How to create access keys in AWS?

Login to your AWS console and navigate to this IAM dashboard part. This page helps you to manage your security credentials like password, MFA, access keys, certificates, etc. Expand ‘Access Keys (Access Key ID and Secret Access Key)‘ and you will see space to create new access keys like below.

Access keys dashboard

Here, click on the button ‘Create New Access Key‘.  Once clicked your access key pair will be generated automatically. Each access key pair consist of access key ID and secret access key. Access key ID will be visible to you in your account all the time (like you can see it in the above screenshot). But, the secret access key is visible only time of the creation for security purposes. You also have the choice to download a secret access key file. But apart from this file and time of creation you won’t be able to see/retrieve this key. It’s your duty to keep it safe. After hitting create keys button you will see below screen :

Create access keys

Both keys can be reveled to copy and save, by clicking the Show Access Key‘ link in the above dialogue box. Keys will be shown to you in plain text like below :

Display access keys

You can also opt to save this key pair. Click Download Key File button. Your key pair will be downloaded as a rootkey.csv file. Inside the CSV file, the key pair is in plain text format as stated below.

AWSAccessKeyId=AKIAJAF2XYBVMIH7J5LA
AWSSecretKey=X5jXaDRGXd0vtEOEkRodpWC34MvSnTP7LbiE+8Kf

That’s it! Your access key pair is ready to be used in AWS services. For example we used access keys while mounting an S3 bucket on the Linux server.

How to make access key inactive?

Your existing key pairs you must be used in some services. But sometimes they are sitting idle there since you haven’t used them. Sometimes, you need to stop the access to service which was using key pair. In such cases, it’s best to make that key pair inactive. So that access to service using that key pair will be paused. This might be useful in troubleshooting as well.

To make access key inactive visit the same security console in your AWS account and list all existing key pairs by expanding  ‘Access Keys (Access Key ID and Secret Access Key)‘. Identify your required key and click the Make Inactive‘ link against it in the last column named ‘Actions’.

The key status will turn inactive and all its authorizations will be paused. It can be verified in a column named status against it.

How to make access key active?

For all keys which are inactive in the state will have a ‘Make Active’ link against them in the last ‘Actions’ column. You have to click it to make them active again.

How to delete access key?

Under Actions column you will also see Delete link besides active/inactive one. This is to be used when you want to delete access key.

Delete access key

It will confirm you like the above screenshot before deleting. Deleting key will still keep it in dashboard listing with status as ‘delete’ but you won’t be able to use it in the future.