Skip to main content

ggshield honeytoken create


Command to create a honeytoken.

ggshield honeytoken create [OPTIONS]

The prerequisites to use this command are the following:

  • you have the necessary permissions as a user (for now, Honeytoken is restricted to users with a "Manager" access level),

  • the personal access token used by ggshield has the honeytokens:write scope.


  • --name TEXT: Specify a name for your honeytoken. If this option is not provided, a unique name will be generated with a ggshield- prefix.
  • --type [AWS]: Specify the type of honeytoken that you want to create. (For now only AWS honeytokens are supported) [required]
  • --description TEXT: Add a description to your honeytoken (250 characters max).
  • -o, --output FILE: Specify a filename to append your honeytoken directly to the content of this file. If the file does not exist, it will be created.

This command supports all ggshield global options.

How can I help you ?