In Identity and Access Management, when you first create a new user, certain security credentials are
automatically generated. Which of the below are valid security credentials?
A.
Access Key ID, Authorized Key
B.
Private Key, Secret Access Key
C.
Private Key, Authorized Key
D.
Access Key ID, Secret Access Key
Access keys (access key ID and secret access key)
Access keys consist of an access key ID (for example, AKIAIOSFODNN7EXAMPLE) and a secret access key (for example, wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY). You use access keys to sign programmatic requests that you make to AWS if you use the AWS SDKs, REST, or Query APIs. The AWS SDKs use your access keys to sign requests for you, so that you don’t have to handle the signing process. You can also sign requests manually. For more information, see Signing AWS API Requests.
Access keys are also used with command line interfaces (CLIs). When you use a CLI, the commands that you issue are signed by your access keys, which you can either pass with the command or store as configuration settings on your computer.
You can also create and use temporary access keys, known as temporary security credentials. In addition to the access key ID and secret access key, temporary security credentials include a security token that you must send to AWS when you use temporary security credentials. The advantage of temporary security credentials is that they are short-term. After they expire, they’re no longer valid. You can use temporary access keys in less secure environments or distribute them to grant users temporary access to resources in your AWS account.
For example, you can grant entities from other AWS accounts access to resources in your AWS account (cross-account access) or grant users who don’t have AWS security credentials access to resources in your AWS account (federation). For more information, see Temporary Security Credentials in the IAM User Guide.
You can have a maximum of two access keys (active or inactive) at a time. For your AWS (root) account, see Managing Access Keys for your AWS Account. For IAM users, you can create IAM access keys with the IAM console. For more information, see Creating, Modifying, and Viewing Access Keys (AWS Management Console) in the IAM User Guide.
Important
If you or your IAM users forget or lose the secret access key, you can create a new access key.