# tigris access-keys assign

Assign per-bucket roles to an access key. Pair each `--bucket` with a `--role` (Editor or ReadOnly), or use `--admin` for org-wide access.

**Alias:** `a`

## Usage[​](#usage "Direct link to Usage")

```
tigris access-keys assign <id> [flags]

t3 keys a <id> [flags]
```

## Flags[​](#flags "Direct link to Flags")

| Name             | Required | Default | Description                                                                                                                                  |
| ---------------- | -------- | ------- | -------------------------------------------------------------------------------------------------------------------------------------------- |
| `--bucket`, `-b` | No       | —       | Bucket name (can specify multiple, comma-separated). Each bucket is paired positionally with a --role value                                  |
| `--role`, `-r`   | No       | —       | Role to assign (can specify multiple, comma-separated). Each role pairs with the corresponding --bucket value. Options: `Editor`, `ReadOnly` |
| `--admin`        | No       | —       | Grant admin access to all buckets in the organization                                                                                        |
| `--revoke-roles` | No       | —       | Revoke all bucket roles from the access key                                                                                                  |

## Examples[​](#examples "Direct link to Examples")

```
# Assign editor role to a bucket

tigris access-keys assign tid_AaBb --bucket my-bucket --role Editor



# Assign different roles to multiple buckets

tigris access-keys assign tid_AaBb --bucket a,b --role Editor,ReadOnly



# Grant admin access

tigris access-keys assign tid_AaBb --admin



# Revoke all roles

tigris access-keys assign tid_AaBb --revoke-roles
```