Access Keys & Authentication
Deployport provides multiple authentication methods for accessing resources programmatically, ranging from long-term access keys to short-lived temporary credentials.
Access Keys
Section titled “Access Keys”Access keys provide long-term credentials for programmatic access to Deployport APIs. They consist of an Access Key ID and Secret Access Key pair.
Generating Access Keys
Section titled “Generating Access Keys”Generate access keys for specific users:
deployport iam users access-keys generate -u <username>Example:
deployport iam users access-keys generate -u u1This will output an Access Key ID and Secret Access Key that can be used for programmatic access.
Temporary Keys
Section titled “Temporary Keys”Temporary keys are short-lived credentials that automatically expire, providing enhanced security for time-limited access. These are typically obtained through role assumption.
Basic Role Assumption
Section titled “Basic Role Assumption”deployport iam roles assume <role-name>Example:
deployport iam roles assume r1Custom Duration
Section titled “Custom Duration”You can specify a custom duration for the temporary credentials:
deployport iam roles assume <role-name> --duration <duration>Example:
# Assume role for 15 minutesdeployport iam roles assume r1 --duration 15mAuthentication Best Practices
Section titled “Authentication Best Practices”When to Use Each Method
Section titled “When to Use Each Method”- Access Keys: Use for long-running applications or users that need consistent access
- Temporary Keys: Prefer for short-term access, CI/CD pipelines, and human users
Security Considerations
Section titled “Security Considerations”- Rotate Regularly: Set up a schedule to rotate access keys
- Principle of Least Privilege: Grant only the minimum permissions needed
- Monitor Usage: Keep logs of credential usage and access patterns
- Never Store in Code: Use environment variables or secure credential stores