# CreateServiceSpecificCredential Generates a set of credentials consisting of a user name and password that can be used to access the service specified in the request. These credentials are generated by IAM, and can be used only for the specified service. You can have a maximum of two sets of service-specific credentials for each supported service per user. You can create service-specific credentials for Amazon Bedrock, Amazon CloudWatch Logs, CodeCommit and Amazon Keyspaces (for Apache Cassandra). You can reset the password to a new service-generated value by calling [ResetServiceSpecificCredential](https://docs.amazonaws.cn/IAM/latest/APIReference/API_ResetServiceSpecificCredential.html). For more information about service-specific credentials, see [Service-specific credentials for IAM users](https://docs.amazonaws.cn/IAM/latest/UserGuide/id_credentials_bedrock.html) in the *IAM User Guide*. ## Request Parameters For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md). ** CredentialAgeDays ** The number of days until the service specific credential expires. This field is only valid for Bedrock and CloudWatch Logs API keys and must be a positive integer. When not specified, the credential will not expire. Type: Integer Valid Range: Minimum value of 1. Maximum value of 36600. Required: No ** ServiceName ** The name of the Amazon service that is to be associated with the credentials. The service you specify here is the only service that can be accessed using these credentials. Type: String Required: Yes ** UserName ** The name of the IAM user that is to be associated with the credentials. The new service-specific credentials have the same permissions as the associated user except that they can be used only to access the specified service. This parameter allows (through its [regex pattern](http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: \$1\$1=,.@- Type: String Length Constraints: Minimum length of 1. Maximum length of 64. Pattern: `[\w+=,.@-]+` Required: Yes ## Response Elements The following element is returned by the service. ** ServiceSpecificCredential ** A structure that contains information about the newly created service-specific credential. This is the only time that the password for this credential set is available. It cannot be recovered later. Instead, you must reset the password with [ResetServiceSpecificCredential](https://docs.amazonaws.cn/IAM/latest/APIReference/API_ResetServiceSpecificCredential.html). Type: [ServiceSpecificCredential](API_ServiceSpecificCredential.md) object ## Errors For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md). ** LimitExceeded ** The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded. HTTP Status Code: 409 ** NoSuchEntity ** The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource. HTTP Status Code: 404 ** NotSupportedService ** The specified service does not support service-specific credentials. HTTP Status Code: 404 ## Examples ### Example In the following example, the caller creates service-specific credentials for the IAM user named `Anika` in account `123456789012`. The credentials can be used only with the Amazon service associated with the service endpoint at `codecommit.amazonaws.com `. #### Sample Request ``` https://iam.amazonaws.com/?Action=CreateServiceSpecificCredential &UserName=Anika &ServiceName=codecommit.amazonaws.com &Version=2010-05-08 &AUTHPARAMS ``` #### Sample Response ``` xTBAr/czp+D3EXAMPLE47lrJ6/43r2zqGwR3EXAMPLE= codecommit.amazonaws.com anika anika+1-at-123456789012 ACCA12345ABCDEXAMPLE Active 2016-11-01T17:47:22.382Z EXAMPLE8-90ab-cdef-fedc-ba987EXAMPLE ``` ## See Also For more information about using this API in one of the language-specific Amazon SDKs, see the following: + [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/iam-2010-05-08/CreateServiceSpecificCredential) + [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/iam-2010-05-08/CreateServiceSpecificCredential) + [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/iam-2010-05-08/CreateServiceSpecificCredential) + [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/iam-2010-05-08/CreateServiceSpecificCredential) + [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/iam-2010-05-08/CreateServiceSpecificCredential) + [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/iam-2010-05-08/CreateServiceSpecificCredential) + [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/iam-2010-05-08/CreateServiceSpecificCredential) + [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/iam-2010-05-08/CreateServiceSpecificCredential) + [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/iam-2010-05-08/CreateServiceSpecificCredential) + [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/iam-2010-05-08/CreateServiceSpecificCredential)