Search code examples
cloud

3DS OutScale programmatic user

Outscale documentation says:

The root user must create access keys manually for each user.

It is recommended to renew your access key regularly.

Is there a way to create user fully programmatically ?

Motivation:

  • I want to create API Access Key for programmatic user (softwares). Doing it manually is too limiting.
  • How do we regularly rotate the Keys for my softwares ? Manually ?
  • If it must be done manually, how can it be delegated to colleagues without granting them root access ?
Solution

  • For EIM users it can be done like this

    from osc_sdk_python import Gateway    
gw = Gateway(...)
gw.CreateUser(UserName="Alice")
new_key= gw.CreateAccessKey(UserName="Alice")

    EIM users cannot access all Outscale services (ex: OOS).

    For root (account) users, the creation cannot to be automated.

    The key rotation (EIM and root users) can be done like this:

    from osc_sdk_python import Gateway    
gw = Gateway(...)
new_key= gw.CreateAccessKey()
gw.DeleteAccessKey(AccessKeyId=old_key["AccessKeyId"])