• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1<html><body>
2<style>
3
4body, h1, h2, h3, div, span, p, pre, a {
5  margin: 0;
6  padding: 0;
7  border: 0;
8  font-weight: inherit;
9  font-style: inherit;
10  font-size: 100%;
11  font-family: inherit;
12  vertical-align: baseline;
13}
14
15body {
16  font-size: 13px;
17  padding: 1em;
18}
19
20h1 {
21  font-size: 26px;
22  margin-bottom: 1em;
23}
24
25h2 {
26  font-size: 24px;
27  margin-bottom: 1em;
28}
29
30h3 {
31  font-size: 20px;
32  margin-bottom: 1em;
33  margin-top: 1em;
34}
35
36pre, code {
37  line-height: 1.5;
38  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
39}
40
41pre {
42  margin-top: 0.5em;
43}
44
45h1, h2, h3, p {
46  font-family: Arial, sans serif;
47}
48
49h1, h2, h3 {
50  border-bottom: solid #CCC 1px;
51}
52
53.toc_element {
54  margin-top: 0.5em;
55}
56
57.firstline {
58  margin-left: 2 em;
59}
60
61.method  {
62  margin-top: 1em;
63  border: solid 1px #CCC;
64  padding: 1em;
65  background: #EEE;
66}
67
68.details {
69  font-weight: bold;
70  font-size: 14px;
71}
72
73</style>
74
75<h1><a href="iam_v1.html">Google Identity and Access Management (IAM) API</a> . <a href="iam_v1.projects.html">projects</a> . <a href="iam_v1.projects.serviceAccounts.html">serviceAccounts</a> . <a href="iam_v1.projects.serviceAccounts.keys.html">keys</a></h1>
76<h2>Instance Methods</h2>
77<p class="toc_element">
78  <code><a href="#create">create(name, body, x__xgafv=None)</a></code></p>
79<p class="firstline">Creates a ServiceAccountKey</p>
80<p class="toc_element">
81  <code><a href="#delete">delete(name, x__xgafv=None)</a></code></p>
82<p class="firstline">Deletes a ServiceAccountKey.</p>
83<p class="toc_element">
84  <code><a href="#get">get(name, publicKeyType=None, x__xgafv=None)</a></code></p>
85<p class="firstline">Gets the ServiceAccountKey</p>
86<p class="toc_element">
87  <code><a href="#list">list(name, keyTypes=None, x__xgafv=None)</a></code></p>
88<p class="firstline">Lists ServiceAccountKeys.</p>
89<h3>Method Details</h3>
90<div class="method">
91    <code class="details" id="create">create(name, body, x__xgafv=None)</code>
92  <pre>Creates a ServiceAccountKey
93and returns it.
94
95Args:
96  name: string, The resource name of the service account in the following format:
97`projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}`.
98Using `-` as a wildcard for the project will infer the project from
99the account. The `account` value can be the `email` address or the
100`unique_id` of the service account. (required)
101  body: object, The request body. (required)
102    The object takes the form of:
103
104{ # The service account key create request.
105    "includePublicKeyData": True or False,
106    "keyAlgorithm": "A String", # Which type of key and algorithm to use for the key.
107        # The default is currently a 2K RSA key.  However this may change in the
108        # future.
109    "privateKeyType": "A String", # The output format of the private key. `GOOGLE_CREDENTIALS_FILE` is the
110        # default output format.
111  }
112
113  x__xgafv: string, V1 error format.
114    Allowed values
115      1 - v1 error format
116      2 - v2 error format
117
118Returns:
119  An object of the form:
120
121    { # Represents a service account key.
122      #
123      # A service account has two sets of key-pairs: user-managed, and
124      # system-managed.
125      #
126      # User-managed key-pairs can be created and deleted by users.  Users are
127      # responsible for rotating these keys periodically to ensure security of
128      # their service accounts.  Users retain the private key of these key-pairs,
129      # and Google retains ONLY the public key.
130      #
131      # System-managed key-pairs are managed automatically by Google, and rotated
132      # daily without user intervention.  The private key never leaves Google's
133      # servers to maximize security.
134      #
135      # Public keys for all service accounts are also published at the OAuth2
136      # Service Account API.
137    "name": "A String", # The resource name of the service account key in the following format
138        # `projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}/keys/{key}`.
139    "validBeforeTime": "A String", # The key can be used before this timestamp.
140    "keyAlgorithm": "A String", # Specifies the algorithm (and possibly key size) for the key.
141    "privateKeyData": "A String", # The private key data. Only provided in `CreateServiceAccountKey`
142        # responses.
143    "privateKeyType": "A String", # The output format for the private key.
144        # Only provided in `CreateServiceAccountKey` responses, not
145        # in `GetServiceAccountKey` or `ListServiceAccountKey` responses.
146        #
147        # Google never exposes system-managed private keys, and never retains
148        # user-managed private keys.
149    "publicKeyData": "A String", # The public key data. Only provided in `GetServiceAccountKey` responses.
150    "validAfterTime": "A String", # The key can be used after this timestamp.
151  }</pre>
152</div>
153
154<div class="method">
155    <code class="details" id="delete">delete(name, x__xgafv=None)</code>
156  <pre>Deletes a ServiceAccountKey.
157
158Args:
159  name: string, The resource name of the service account key in the following format:
160`projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}/keys/{key}`.
161Using `-` as a wildcard for the project will infer the project from
162the account. The `account` value can be the `email` address or the
163`unique_id` of the service account. (required)
164  x__xgafv: string, V1 error format.
165    Allowed values
166      1 - v1 error format
167      2 - v2 error format
168
169Returns:
170  An object of the form:
171
172    { # A generic empty message that you can re-use to avoid defining duplicated
173      # empty messages in your APIs. A typical example is to use it as the request
174      # or the response type of an API method. For instance:
175      #
176      #     service Foo {
177      #       rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);
178      #     }
179      #
180      # The JSON representation for `Empty` is empty JSON object `{}`.
181  }</pre>
182</div>
183
184<div class="method">
185    <code class="details" id="get">get(name, publicKeyType=None, x__xgafv=None)</code>
186  <pre>Gets the ServiceAccountKey
187by key id.
188
189Args:
190  name: string, The resource name of the service account key in the following format:
191`projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}/keys/{key}`.
192
193Using `-` as a wildcard for the project will infer the project from
194the account. The `account` value can be the `email` address or the
195`unique_id` of the service account. (required)
196  publicKeyType: string, The output format of the public key requested.
197X509_PEM is the default output format.
198  x__xgafv: string, V1 error format.
199    Allowed values
200      1 - v1 error format
201      2 - v2 error format
202
203Returns:
204  An object of the form:
205
206    { # Represents a service account key.
207      #
208      # A service account has two sets of key-pairs: user-managed, and
209      # system-managed.
210      #
211      # User-managed key-pairs can be created and deleted by users.  Users are
212      # responsible for rotating these keys periodically to ensure security of
213      # their service accounts.  Users retain the private key of these key-pairs,
214      # and Google retains ONLY the public key.
215      #
216      # System-managed key-pairs are managed automatically by Google, and rotated
217      # daily without user intervention.  The private key never leaves Google's
218      # servers to maximize security.
219      #
220      # Public keys for all service accounts are also published at the OAuth2
221      # Service Account API.
222    "name": "A String", # The resource name of the service account key in the following format
223        # `projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}/keys/{key}`.
224    "validBeforeTime": "A String", # The key can be used before this timestamp.
225    "keyAlgorithm": "A String", # Specifies the algorithm (and possibly key size) for the key.
226    "privateKeyData": "A String", # The private key data. Only provided in `CreateServiceAccountKey`
227        # responses.
228    "privateKeyType": "A String", # The output format for the private key.
229        # Only provided in `CreateServiceAccountKey` responses, not
230        # in `GetServiceAccountKey` or `ListServiceAccountKey` responses.
231        #
232        # Google never exposes system-managed private keys, and never retains
233        # user-managed private keys.
234    "publicKeyData": "A String", # The public key data. Only provided in `GetServiceAccountKey` responses.
235    "validAfterTime": "A String", # The key can be used after this timestamp.
236  }</pre>
237</div>
238
239<div class="method">
240    <code class="details" id="list">list(name, keyTypes=None, x__xgafv=None)</code>
241  <pre>Lists ServiceAccountKeys.
242
243Args:
244  name: string, The resource name of the service account in the following format:
245`projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}`.
246
247Using `-` as a wildcard for the project, will infer the project from
248the account. The `account` value can be the `email` address or the
249`unique_id` of the service account. (required)
250  keyTypes: string, Filters the types of keys the user wants to include in the list
251response. Duplicate key types are not allowed. If no key type
252is provided, all keys are returned. (repeated)
253  x__xgafv: string, V1 error format.
254    Allowed values
255      1 - v1 error format
256      2 - v2 error format
257
258Returns:
259  An object of the form:
260
261    { # The service account keys list response.
262    "keys": [ # The public keys for the service account.
263      { # Represents a service account key.
264          #
265          # A service account has two sets of key-pairs: user-managed, and
266          # system-managed.
267          #
268          # User-managed key-pairs can be created and deleted by users.  Users are
269          # responsible for rotating these keys periodically to ensure security of
270          # their service accounts.  Users retain the private key of these key-pairs,
271          # and Google retains ONLY the public key.
272          #
273          # System-managed key-pairs are managed automatically by Google, and rotated
274          # daily without user intervention.  The private key never leaves Google's
275          # servers to maximize security.
276          #
277          # Public keys for all service accounts are also published at the OAuth2
278          # Service Account API.
279        "name": "A String", # The resource name of the service account key in the following format
280            # `projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}/keys/{key}`.
281        "validBeforeTime": "A String", # The key can be used before this timestamp.
282        "keyAlgorithm": "A String", # Specifies the algorithm (and possibly key size) for the key.
283        "privateKeyData": "A String", # The private key data. Only provided in `CreateServiceAccountKey`
284            # responses.
285        "privateKeyType": "A String", # The output format for the private key.
286            # Only provided in `CreateServiceAccountKey` responses, not
287            # in `GetServiceAccountKey` or `ListServiceAccountKey` responses.
288            #
289            # Google never exposes system-managed private keys, and never retains
290            # user-managed private keys.
291        "publicKeyData": "A String", # The public key data. Only provided in `GetServiceAccountKey` responses.
292        "validAfterTime": "A String", # The key can be used after this timestamp.
293      },
294    ],
295  }</pre>
296</div>
297
298</body></html>