mc idp ldap accesskey edit

mc idp ldap accesskey edit modifies the specified access key on the local server.

Syntax

Example Syntax

The command has the following syntax:

mc [GLOBALFLAGS] idp ldap accesskey rm                        \
                                 ALIAS                        \
                                 KEY                          \
                                 [--secret-key <string>]      \
                                 [--policy <string>]          \
                                 [--name <string>]            \
                                 [--description <string>]     \
                                 [--expiry-duration <string>] \
                                 [--expiry <string>]

Replace ALIAS with the alias of an AIStor deployment configured for AD/LDAP integration.
Replace KEY with the access key to delete.
Brackets [] indicate optional parameters.
Parameters sharing a line are mutually dependent.
Parameters separated using the pipe | operator are mutually exclusive.

Copy the example to a text editor and modify as-needed before running the command in the terminal/shell.

Parameters

ALIAS

Required

The alias of the AIStor deployment configured for AD/LDAP.

For example:

mc idp ldap accesskey ls myaistor

KEY

Required

The configured access key to delete.

--description

Optional

Add a description for the service account. For example, you might specify the reason the access key exists.

--expiry

Optional

The future date and time when the access key expires. The access key becomes invalid at the start of the specified date and time (midnight if no time is specified).

Supported formats:

Format	Example	Description
`YYYY-MM-DD`	`2025-12-31`	Expires at midnight (00:00:00) on the specified date
`YYYY-MM-DDTHH:MM`	`2025-12-31T23:59`	Expires at the specified date and time
`YYYY-MM-DDTHH:MM:SS`	`2025-12-31T23:59:59`	Expires at the specified date, time, and seconds
RFC3339	`2025-12-31T23:59:59Z`	Expires at the specified UTC time

Dates without a timezone use the local timezone of the machine running the command. Use RFC3339 format with Z suffix or timezone offset for explicit UTC times.

Mutually exclusive with --expiry-duration.

--expiry-duration

Optional

Length of time the access key pair should remain valid for use in #d#h#s format.

For example, 7d, 24h, 5d12h30s are valid strings.

Mutually exclusive with --expiry.

--name

Optional

A human-readable name to use for the account.

--policy

Optional

File path to the JSON-formatted policy to use for the account.

If not specified, the account uses the same policy as the authenticated user.

--secret-key

Optional

A secret to use for the account.

Example

Modify a secret for an access key

Modify the secret for the access key mykey on the myaistor deployment.

mc idp ldap accesskey edit myaistor mykey --secret-key 'xxxxxxx'

Modify the expiration duration for an accesskey

Modify the expiration duration for the access key mykey on the myaistor deployment.

mc idp ldap accesskey edit myaistor mykey ---expiry-duration 24h

Global flags

This command supports any of the global flags.

Behavior

S3 compatibility

The mc command-line tool is built for compatibility with the AWS S3 API and is tested with AIStor and AWS S3 for expected functionality and behavior.

MinIO provides no guarantees for other S3-compatible services, as their S3 API implementation is unknown and therefore unsupported.

While mc commands may work as documented, any such usage is at your own risk.