[英]Can I create a AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY with an IAM user?
When logged in as root, I visted the "My Security Credentials" tab in order to create the Access Key ID and Key. 以root用户身份登录后,我访问了“我的安全证书”选项卡,以创建访问密钥ID和密钥。 I see a big message that states:
我看到一条大消息指出:
As described in a previous announcement, you cannot retrieve the existing secret access keys for your AWS root account, though you can still create a new root access key at any time.
如前一个公告中所述,尽管您仍然可以随时创建一个新的根访问密钥,但是您无法为您的AWS根账户检索现有的秘密访问密钥。 As a best practice, we recommend creating an IAM user that has access keys rather than relying on root access keys.
作为最佳实践,我们建议创建一个具有访问密钥而不是依赖于根访问密钥的IAM用户。
Fine, so I create an IAM Group with Administrative Privilege and then I create an IAM User and add the IAM User to the Group. 很好,因此我创建了一个具有管理权限的IAM组,然后创建了一个IAM用户并将该IAM用户添加到该组中。 Then I log in as the IAM User.
然后,我以IAM用户身份登录。 Then I visit 'My Security Credentials'.
然后,我访问“我的安全凭证”。 But this time there is no screen allowing me to create a new Access Key.
但是这次没有屏幕允许我创建新的访问密钥。 Instead it just allows me to change my password.
相反,它只允许我更改密码。 So how am I supposed to create the Access ID and Key as an IAM User?
那么,我应该如何以IAM用户身份创建访问ID和密钥?
When logged in as an IAM user the "My Security Credentials" link in the user menu only allows you to change your password. 以IAM用户身份登录时,用户菜单中的“我的安全证书”链接仅允许您更改密码。
Instead follow these steps to generate new access keys for an IAM user: 而是按照以下步骤为IAM用户生成新的访问密钥:
It is worth noting, that as this is an operation being performed against a given IAM user, you do not need to be logged in as that user to generate keys. 值得注意的是,由于这是针对给定IAM用户执行的操作,因此您无需以该用户身份登录即可生成密钥。 Any authorized user such as the root user, or another properly authorized IAM user can perform these actions.
任何授权用户(例如root用户)或另一个经过适当授权的IAM用户都可以执行这些操作。
These steps are described in further detail in the following IAM documentation page: Creating, Modifying, and Viewing Access Keys (AWS Management Console) 以下IAM文档页面中进一步详细描述了这些步骤: 创建,修改和查看访问密钥(AWS管理控制台)
I am trying to reproduce your problem, but not seeing the same results (I am able to create new access keys). 我正在尝试重现您的问题,但没有看到相同的结果(我能够创建新的访问密钥)。
Did you assign "AdministratorAccess" to the group, or did you use one of the other managed-policies? 您是否已将“ AdministratorAccess”分配给该组,还是使用了其他托管策略之一? Are you sure your IAM User is a member of the Administrator group?
您确定您的IAM用户是管理员组的成员吗?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.