Amazon Lightsail

2021/08/06 - Amazon Lightsail - 2 updated api methods

Changes  This release adds support to track when a bucket access key was last used.

CreateBucketAccessKey (updated) Link ¶
Changes (response)
{'accessKey': {'lastUsed': {'lastUsedDate': 'timestamp',
                            'region': 'string',
                            'serviceName': 'string'}}}

Creates a new access key for the specified Amazon Lightsail bucket. Access keys consist of an access key ID and corresponding secret access key.

Access keys grant full programmatic access to the specified bucket and its objects. You can have a maximum of two access keys per bucket. Use the GetBucketAccessKeys action to get a list of current access keys for a specific bucket. For more information about access keys, see Creating access keys for a bucket in Amazon Lightsail in the Amazon Lightsail Developer Guide .

Warning

The secretAccessKey value is returned only in response to the CreateBucketAccessKey action. You can get a secret access key only when you first create an access key; you cannot get the secret access key later. If you lose the secret access key, you must create a new access key.

See also: AWS API Documentation

Request Syntax

client.create_bucket_access_key(
    bucketName='string'
)
type bucketName

string

param bucketName

[REQUIRED]

The name of the bucket that the new access key will belong to, and grant access to.

rtype

dict

returns

Response Syntax

{
    'accessKey': {
        'accessKeyId': 'string',
        'secretAccessKey': 'string',
        'status': 'Active'|'Inactive',
        'createdAt': datetime(2015, 1, 1),
        'lastUsed': {
            'lastUsedDate': datetime(2015, 1, 1),
            'region': 'string',
            'serviceName': 'string'
        }
    },
    'operations': [
        {
            'id': 'string',
            'resourceName': 'string',
            'resourceType': 'ContainerService'|'Instance'|'StaticIp'|'KeyPair'|'InstanceSnapshot'|'Domain'|'PeeredVpc'|'LoadBalancer'|'LoadBalancerTlsCertificate'|'Disk'|'DiskSnapshot'|'RelationalDatabase'|'RelationalDatabaseSnapshot'|'ExportSnapshotRecord'|'CloudFormationStackRecord'|'Alarm'|'ContactMethod'|'Distribution'|'Certificate'|'Bucket',
            'createdAt': datetime(2015, 1, 1),
            'location': {
                'availabilityZone': 'string',
                'regionName': 'us-east-1'|'us-east-2'|'us-west-1'|'us-west-2'|'eu-west-1'|'eu-west-2'|'eu-west-3'|'eu-central-1'|'ca-central-1'|'ap-south-1'|'ap-southeast-1'|'ap-southeast-2'|'ap-northeast-1'|'ap-northeast-2'|'eu-north-1'
            },
            'isTerminal': True|False,
            'operationDetails': 'string',
            'operationType': 'DeleteKnownHostKeys'|'DeleteInstance'|'CreateInstance'|'StopInstance'|'StartInstance'|'RebootInstance'|'OpenInstancePublicPorts'|'PutInstancePublicPorts'|'CloseInstancePublicPorts'|'AllocateStaticIp'|'ReleaseStaticIp'|'AttachStaticIp'|'DetachStaticIp'|'UpdateDomainEntry'|'DeleteDomainEntry'|'CreateDomain'|'DeleteDomain'|'CreateInstanceSnapshot'|'DeleteInstanceSnapshot'|'CreateInstancesFromSnapshot'|'CreateLoadBalancer'|'DeleteLoadBalancer'|'AttachInstancesToLoadBalancer'|'DetachInstancesFromLoadBalancer'|'UpdateLoadBalancerAttribute'|'CreateLoadBalancerTlsCertificate'|'DeleteLoadBalancerTlsCertificate'|'AttachLoadBalancerTlsCertificate'|'CreateDisk'|'DeleteDisk'|'AttachDisk'|'DetachDisk'|'CreateDiskSnapshot'|'DeleteDiskSnapshot'|'CreateDiskFromSnapshot'|'CreateRelationalDatabase'|'UpdateRelationalDatabase'|'DeleteRelationalDatabase'|'CreateRelationalDatabaseFromSnapshot'|'CreateRelationalDatabaseSnapshot'|'DeleteRelationalDatabaseSnapshot'|'UpdateRelationalDatabaseParameters'|'StartRelationalDatabase'|'RebootRelationalDatabase'|'StopRelationalDatabase'|'EnableAddOn'|'DisableAddOn'|'PutAlarm'|'GetAlarms'|'DeleteAlarm'|'TestAlarm'|'CreateContactMethod'|'GetContactMethods'|'SendContactMethodVerification'|'DeleteContactMethod'|'CreateDistribution'|'UpdateDistribution'|'DeleteDistribution'|'ResetDistributionCache'|'AttachCertificateToDistribution'|'DetachCertificateFromDistribution'|'UpdateDistributionBundle'|'SetIpAddressType'|'CreateCertificate'|'DeleteCertificate'|'CreateContainerService'|'UpdateContainerService'|'DeleteContainerService'|'CreateContainerServiceDeployment'|'CreateContainerServiceRegistryLogin'|'RegisterContainerImage'|'DeleteContainerImage'|'CreateBucket'|'DeleteBucket'|'CreateBucketAccessKey'|'DeleteBucketAccessKey'|'UpdateBucketBundle'|'UpdateBucket'|'SetResourceAccessForBucket',
            'status': 'NotStarted'|'Started'|'Failed'|'Completed'|'Succeeded',
            'statusChangedAt': datetime(2015, 1, 1),
            'errorCode': 'string',
            'errorDetails': 'string'
        },
    ]
}

Response Structure

  • (dict) --

    • accessKey (dict) --

      An object that describes the access key that is created.

      • accessKeyId (string) --

        The ID of the access key.

      • secretAccessKey (string) --

        The secret access key used to sign requests.

        You should store the secret access key in a safe location. We recommend that you delete the access key if the secret access key is compromised.

      • status (string) --

        The status of the access key.

        A status of Active means that the key is valid, while Inactive means it is not.

      • createdAt (datetime) --

        The timestamp when the access key was created.

      • lastUsed (dict) --

        An object that describes the last time the access key was used.

        Note

        This object does not include data in the response of a CreateBucketAccessKey action. If the access key has not been used, the region and serviceName values are N/A , and the lastUsedDate value is null.

        • lastUsedDate (datetime) --

          The date and time when the access key was most recently used.

          This value is null if the access key has not been used.

        • region (string) --

          The AWS Region where this access key was most recently used.

          This value is N/A if the access key has not been used.

        • serviceName (string) --

          The name of the AWS service with which this access key was most recently used.

          This value is N/A if the access key has not been used.

    • operations (list) --

      An array of objects that describe the result of the action, such as the status of the request, the timestamp of the request, and the resources affected by the request.

      • (dict) --

        Describes the API operation.

        • id (string) --

          The ID of the operation.

        • resourceName (string) --

          The resource name.

        • resourceType (string) --

          The resource type.

        • createdAt (datetime) --

          The timestamp when the operation was initialized (e.g., 1479816991.349 ).

        • location (dict) --

          The AWS Region and Availability Zone.

          • availabilityZone (string) --

            The Availability Zone. Follows the format us-east-2a (case-sensitive).

          • regionName (string) --

            The AWS Region name.

        • isTerminal (boolean) --

          A Boolean value indicating whether the operation is terminal.

        • operationDetails (string) --

          Details about the operation (e.g., Debian-1GB-Ohio-1 ).

        • operationType (string) --

          The type of operation.

        • status (string) --

          The status of the operation.

        • statusChangedAt (datetime) --

          The timestamp when the status was changed (e.g., 1479816991.349 ).

        • errorCode (string) --

          The error code.

        • errorDetails (string) --

          The error details.

GetBucketAccessKeys (updated) Link ¶
Changes (response)
{'accessKeys': {'lastUsed': {'lastUsedDate': 'timestamp',
                             'region': 'string',
                             'serviceName': 'string'}}}

Returns the existing access key IDs for the specified Amazon Lightsail bucket.

Warning

This action does not return the secret access key value of an access key. You can get a secret access key only when you create it from the response of the CreateBucketAccessKey action. If you lose the secret access key, you must create a new access key.

See also: AWS API Documentation

Request Syntax

client.get_bucket_access_keys(
    bucketName='string'
)
type bucketName

string

param bucketName

[REQUIRED]

The name of the bucket for which to return access keys.

rtype

dict

returns

Response Syntax

{
    'accessKeys': [
        {
            'accessKeyId': 'string',
            'secretAccessKey': 'string',
            'status': 'Active'|'Inactive',
            'createdAt': datetime(2015, 1, 1),
            'lastUsed': {
                'lastUsedDate': datetime(2015, 1, 1),
                'region': 'string',
                'serviceName': 'string'
            }
        },
    ]
}

Response Structure

  • (dict) --

    • accessKeys (list) --

      An object that describes the access keys for the specified bucket.

      • (dict) --

        Describes an access key for an Amazon Lightsail bucket.

        Access keys grant full programmatic access to the specified bucket and its objects. You can have a maximum of two access keys per bucket. Use the CreateBucketAccessKey action to create an access key for a specific bucket. For more information about access keys, see Creating access keys for a bucket in Amazon Lightsail in the Amazon Lightsail Developer Guide .

        Warning

        The secretAccessKey value is returned only in response to the CreateBucketAccessKey action. You can get a secret access key only when you first create an access key; you cannot get the secret access key later. If you lose the secret access key, you must create a new access key.

        • accessKeyId (string) --

          The ID of the access key.

        • secretAccessKey (string) --

          The secret access key used to sign requests.

          You should store the secret access key in a safe location. We recommend that you delete the access key if the secret access key is compromised.

        • status (string) --

          The status of the access key.

          A status of Active means that the key is valid, while Inactive means it is not.

        • createdAt (datetime) --

          The timestamp when the access key was created.

        • lastUsed (dict) --

          An object that describes the last time the access key was used.

          Note

          This object does not include data in the response of a CreateBucketAccessKey action. If the access key has not been used, the region and serviceName values are N/A , and the lastUsedDate value is null.

          • lastUsedDate (datetime) --

            The date and time when the access key was most recently used.

            This value is null if the access key has not been used.

          • region (string) --

            The AWS Region where this access key was most recently used.

            This value is N/A if the access key has not been used.

          • serviceName (string) --

            The name of the AWS service with which this access key was most recently used.

            This value is N/A if the access key has not been used.