class AWS::IAM::AccessKey

@attr_reader [Symbol] status The status of this access key.

Status may be `:active` or `:inactive`.

@attr_reader [Time] create_date

Attributes

access_key_id[R]

@return [String] Returns the access key id.

id[R]

@return [String] Returns the access key id.

user[R]

@return [User,nil] Returns the user this access key belongs to.

Returns `nil` if this access key belongs to the AWS account and not
a specific user.

Public Class Methods

new(access_key_id, options = {}) click to toggle source

@param [String] access_key_id The id of this access key. @param [Hash] options @option [String] :user The IAM user this access key belongs to.

If `:user` is omitted then this access key belongs to the
AWS account.
Calls superclass method
# File lib/aws/iam/access_key.rb, line 29
def initialize access_key_id, options = {}
  @id = access_key_id
  options[:secret_value] = nil unless options.has_key?(:secret_value)
  @user = options[:user]
  @user ? super(@user, options) : super(options)
end

Public Instance Methods

activate!() click to toggle source

Activates this access key.

@example

access_key.activate!
access_key.status
# => :active

@return [nil]

# File lib/aws/iam/access_key.rb, line 114
def activate!
  self.status = 'Active'
  nil
end
active?() click to toggle source

@return [Boolean] Returns true if this access key is active.

# File lib/aws/iam/access_key.rb, line 97
def active?
  status == :active
end
credentials() click to toggle source

Returns a hash that should be saved somewhere safe.

access_keys = iam.access_keys.create
access_keys.credentials
#=> { :access_key_id => '...', :secret_access_key => '...' }

You can also use these credentials to make requests:

s3 = AWS::S3.new(access_keys.credentials)
s3.buckets.create('newbucket')

@return [Hash] Returns a hash with the access key id and

secret access key.
# File lib/aws/iam/access_key.rb, line 152
def credentials
  { :access_key_id => id, :secret_access_key => secret }
end
deactivate!() click to toggle source

Deactivates this access key.

@example

access_key.deactivate!
access_key.status
# => :inactive

@return [nil] @return [nil]

# File lib/aws/iam/access_key.rb, line 128
def deactivate!
  self.status = 'Inactive'
  nil
end
delete() click to toggle source

Deletes the access key.

# File lib/aws/iam/access_key.rb, line 134
def delete
  client.delete_access_key(resource_options)
  nil
end
inactive?() click to toggle source

@return [Boolean] Returns true if this access key is inactive.

# File lib/aws/iam/access_key.rb, line 102
def inactive?
  status == :inactive
end
secret() click to toggle source

Returns the secret access key.

You can only access the secret for newly created access keys. Calling ‘secret` on existing access keys raises an error.

@example Getting the secret from a newly created access key

access_key = iam.access_keys.create
access_key.secret
#=> 'SECRET_ACCESS_KEY'

@example Failing to get the secret from an existing access key.

access_key = iam.access_keys.first
access_key.secret
#=> raises a runtime error

@return [String] Returns the secret access key.

# File lib/aws/iam/access_key.rb, line 83
def secret
  secret_value or raise 'secret is only available for new access keys'
end
Also aliased as: secret_access_key
secret_access_key()
Alias for: secret
user_name() click to toggle source

@return [String,nil] Returns the name of the user this access key

belogns to.  If the access key belongs to the account, `nil` is
returned.
# File lib/aws/iam/access_key.rb, line 92
def user_name
  @user ? @user.name : nil
end

Protected Instance Methods

get_resource(attribute) click to toggle source

IAM does not provide a request for “get access keys”. Also note, we do not page the response. This is because restrictions on how many access keys an account / user may have is fewer than one page of results. @api private

# File lib/aws/iam/access_key.rb, line 171
def get_resource attribute
  options = user ? { :user_name => user.name } : {}
  client.list_access_keys(options)
end
matches_response_object?(obj) click to toggle source

@api private

# File lib/aws/iam/access_key.rb, line 178
def matches_response_object? obj
  user_name = obj.respond_to?(:user_name) ? obj.user_name : nil
  obj.access_key_id == self.id and user_name == self.user_name
end
resource_identifiers() click to toggle source

@api private

# File lib/aws/iam/access_key.rb, line 158
def resource_identifiers
  identifiers = []
  identifiers << [:access_key_id, id]
  identifiers << [:user_name, user.name] if user
  identifiers
end