Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add description/tag support while creating access key id using aws-cli. #464

Open
2 tasks
glg-satish-tripathi opened this issue Jan 24, 2023 · 6 comments
Open
2 tasks

Add description/tag support while creating access key id using aws-cli. #464

glg-satish-tripathi opened this issue Jan 24, 2023 · 6 comments
Assignees
@bhoradc
Labels
feature-request New feature or request iam service-api This issue pertains to the AWS API

Comments

@glg-satish-tripathi
Copy link

glg-satish-tripathi commented Jan 24, 2023
edited
Loading

Describe the feature

There is no option in aws cli to create and access key with description/tag as it's there in the aws web console.
The same this with aw-sdk and aws terraform provider.

image

Use Case

This will be very useful in case of automation where we are creating access key using a lambda function on a certain time interval and updating it in Jenkins/Spacelift for AWS china user as AWS china don't have role based access support.
So the description is necessary to have in order to give the Access key id a meaningful description.

Proposed Solution

aws iam create-access-key --user-name xyz --description "Key for China user"
aws iam update-access-key --access-key-id xyztxcdc --user xyz-- description "Key for China user"

Other Information

No response

Acknowledgements

  • I may be able to implement this feature request
  • This feature might incur a breaking change

CLI version used

aws-cli/2.8.4 Python/3.10.8 Darwin/22.1.0 source/arm64

Environment details (OS name and version, etc.)

MacOs
@glg-satish-tripathi glg-satish-tripathi changed the title Add description/tag while creating access key id. Add description/tag support while creating access key id using aws-cli. Jan 24, 2023
@datfinesoul
Copy link

The description field/tag on IAM Access Keys is an incredibly useful feature, and it's really a shame that it can only be done via the AWS console. Adding this functionality to the CLI would be a great addition and would allow admins to better evaluate the key's purpose.

@mikemartin1090
Copy link

After trying this in the console, I see that all this feature is doing is tagging the IAM user with a key of the access key and a value of whatever description you provide. To create this same functionality while using the AWS CLI, you'd have to do something like this:

username="mmartin-delete-after-jan-25"

tagValue="China Production Use Case"

accessKey=$(aws iam create-access-key --user-name $username --query 'AccessKey.[AccessKeyId]' --output text --no-cli-pager)

# create a tag for the access key
aws iam tag-user --user-name $username --tags Key=$accessKey,Value=$tagValue --no-cli-pager

@tim-finnigan
Copy link

Thanks @mikemartin1090 for sharing that solution! @glg-satish-tripathi does that address your use case?

@tim-finnigan tim-finnigan added iam response-requested This issue requires a response to continue labels Jan 25, 2023
@github-actions
Copy link

Greetings! It looks like this issue hasn’t been active in longer than five days. We encourage you to check if this is still an issue in the latest release. In the absence of more information, we will be closing this issue soon. If you find that this is still a problem, please feel free to provide a comment or upvote with a reaction on the initial post to prevent automatic closure. If the issue is already closed, please feel free to open a new one.

@github-actions github-actions bot added closing-soon This issue will be closed soon closed-for-staleness This issue was closed because it didn't receive updates and removed closing-soon This issue will be closed soon labels Jan 30, 2023
@github-actions github-actions bot closed this as completed Feb 1, 2023
@glg-satish-tripathi
Copy link
Author

glg-satish-tripathi commented Feb 3, 2023
edited
Loading

Sorry i am bit late on this. Thanks for the solution Mike. @tim-finnigan having a description field will still be more useful then doing it this way. In most of the aws cli we do have a description field so i think it should be here as well.

reopen #464

@tim-finnigan tim-finnigan reopened this Feb 3, 2023
@tim-finnigan tim-finnigan self-assigned this Feb 3, 2023
@tim-finnigan tim-finnigan removed response-requested This issue requires a response to continue closed-for-staleness This issue was closed because it didn't receive updates labels Feb 3, 2023
@tim-finnigan
Copy link

tim-finnigan commented Feb 3, 2023
edited
Loading

Hi @glg-satish-tripathi. In that case I will forward your feature request to the IAM team for further consideration, as new API functionality would need to be implemented by them. I'll transfer this issue to our cross-SDK repository and let you know if we have any updates. Thanks! (ticket for our reference: P80807167)

@tim-finnigan tim-finnigan transferred this issue from aws/aws-cli Feb 3, 2023
@tim-finnigan tim-finnigan added the service-api This issue pertains to the AWS API label Feb 3, 2023
@tim-finnigan tim-finnigan removed their assignment Sep 27, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bhoradc bhoradc

Labels
feature-request New feature or request iam service-api This issue pertains to the AWS API
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@datfinesoul @mikemartin1090 @tim-finnigan @glg-satish-tripathi @bhoradc