:doc:`Lightsail <../../lightsail>` / Client / get_bucket_access_keys

**********************
get_bucket_access_keys
**********************



.. py:method:: Lightsail.Client.get_bucket_access_keys(**kwargs)

  

  Returns the existing access key IDs for the specified Amazon Lightsail bucket.

   

  .. warning::

     

    This action does not return the secret access key value of an access key. You can get a secret access key only when you create it from the response of the `CreateBucketAccessKey <https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateBucketAccessKey.html>`__ action. If you lose the secret access key, you must create a new access key.

    

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/lightsail-2016-11-28/GetBucketAccessKeys>`_  


  **Request Syntax**
  ::

    response = client.get_bucket_access_keys(
        bucketName='string'
    )
    
  :type bucketName: string
  :param bucketName: **[REQUIRED]** 

    The name of the bucket for which to return access keys.

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'accessKeys': [
              {
                  'accessKeyId': 'string',
                  'secretAccessKey': 'string',
                  'status': 'Active'|'Inactive',
                  'createdAt': datetime(2015, 1, 1),
                  'lastUsed': {
                      'lastUsedDate': datetime(2015, 1, 1),
                      'region': 'string',
                      'serviceName': 'string'
                  }
              },
          ]
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **accessKeys** *(list) --* 

        An object that describes the access keys for the specified bucket.

        
        

        - *(dict) --* 

          Describes an access key for an Amazon Lightsail bucket.

           

          Access keys grant full programmatic access to the specified bucket and its objects. You can have a maximum of two access keys per bucket. Use the `CreateBucketAccessKey <https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateBucketAccessKey.html>`__ action to create an access key for a specific bucket. For more information about access keys, see `Creating access keys for a bucket in Amazon Lightsail <https://docs.aws.amazon.com/lightsail/latest/userguide/amazon-lightsail-creating-bucket-access-keys>`__ in the *Amazon Lightsail Developer Guide*.

           

          .. warning::

             

            The ``secretAccessKey`` value is returned only in response to the ``CreateBucketAccessKey`` action. You can get a secret access key only when you first create an access key; you cannot get the secret access key later. If you lose the secret access key, you must create a new access key.

            

          
          

          - **accessKeyId** *(string) --* 

            The ID of the access key.

            
          

          - **secretAccessKey** *(string) --* 

            The secret access key used to sign requests.

             

            You should store the secret access key in a safe location. We recommend that you delete the access key if the secret access key is compromised.

            
          

          - **status** *(string) --* 

            The status of the access key.

             

            A status of ``Active`` means that the key is valid, while ``Inactive`` means it is not.

            
          

          - **createdAt** *(datetime) --* 

            The timestamp when the access key was created.

            
          

          - **lastUsed** *(dict) --* 

            An object that describes the last time the access key was used.

             

            .. note::

              

              This object does not include data in the response of a `CreateBucketAccessKey <https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateBucketAccessKey.html>`__ action. If the access key has not been used, the ``region`` and ``serviceName`` values are ``N/A``, and the ``lastUsedDate`` value is null.

              

            
            

            - **lastUsedDate** *(datetime) --* 

              The date and time when the access key was most recently used.

               

              This value is null if the access key has not been used.

              
            

            - **region** *(string) --* 

              The Amazon Web Services Region where this access key was most recently used.

               

              This value is ``N/A`` if the access key has not been used.

              
            

            - **serviceName** *(string) --* 

              The name of the Amazon Web Services service with which this access key was most recently used.

               

              This value is ``N/A`` if the access key has not been used.

              
        
      
    
  
  **Exceptions**
  
  *   :py:class:`Lightsail.Client.exceptions.AccessDeniedException`

  
  *   :py:class:`Lightsail.Client.exceptions.InvalidInputException`

  
  *   :py:class:`Lightsail.Client.exceptions.NotFoundException`

  
  *   :py:class:`Lightsail.Client.exceptions.ServiceException`

  
  *   :py:class:`Lightsail.Client.exceptions.UnauthenticatedException`

  
  *   :py:class:`Lightsail.Client.exceptions.RegionSetupInProgressException`

  