Refresh the Account-level SSH Key Pair using API version 2

PUT api/v2/accounts/ssh_key

Use this API to create a new SSH key pair and use the public key to configure it on the bastion host of the VPC.

You must configure the public key of the SSH key pair on the bastion host of a VPC. Qubole communicates with the cluster that is configured on a private subnet of a VPC through the bastion host.

If the Unique SSH Key feature is not enabled, then the default Qubole public key is used to SSH into the bastion host. For more information, see clusters-in-vpc.


The account-level unique SSH key feature is enabled by default on and If you have the QDS account on any other QDS environment, then create a ticket with Qubole Support to get it enabled.

Whenever the public SSH key is rotated, ensure to replace the public SSH key on the bastion host with the rotated public SSH key. For more information on adding the unique public SSH key, see clusters-in-vpc.

The rotation policy for each cluster instance that is every time a cluster starts, a new SSH key pair is generated so Qubole automatically handles the rotation of keys every time the cluster starts. This happens only if the Unique SSH Key feature is enabled on the QDS account. If it is not enabled, then the default Qubole public key is added on the cluster nodes.


The previously generated SSH key pair gets overridden by the newly generated SSH key pair.



Request API Syntax

curl -X PUT -H "X-AUTH-TOKEN:$AUTH_TOKEN" -H "Content-Type:application/json" -H "Accept: application/json" \

Sample API Request

Here is a sample request to see the account-level public SSH key of a QDS account in the environment.

curl -X PUT -H "X-AUTH-TOKEN:$AUTH_TOKEN" -H "Content-Type:application/json" -H "Accept: application/json" \