yandex.IamServiceAccountApiKey
Explore with Pulumi AI
Allows management of a Yandex.Cloud IAM service account API key. The API key is a private key used for simplified authorization in the Yandex.Cloud API. API keys are only used for service accounts.
API keys do not expire. This means that this authentication method is simpler, but less secure. Use it if you can’t automatically request an IAM token.
Example Usage
This snippet creates an API key.
using Pulumi;
using Yandex = Pulumi.Yandex;
class MyStack : Stack
{
public MyStack()
{
var sa_api_key = new Yandex.IamServiceAccountApiKey("sa-api-key", new Yandex.IamServiceAccountApiKeyArgs
{
Description = "api key for authorization",
PgpKey = "keybase:keybaseusername",
ServiceAccountId = "some_sa_id",
});
}
}
package main
import (
"github.com/pulumi/pulumi-yandex/sdk/go/yandex"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := yandex.NewIamServiceAccountApiKey(ctx, "sa-api-key", &yandex.IamServiceAccountApiKeyArgs{
Description: pulumi.String("api key for authorization"),
PgpKey: pulumi.String("keybase:keybaseusername"),
ServiceAccountId: pulumi.String("some_sa_id"),
})
if err != nil {
return err
}
return nil
})
}
Coming soon!
import pulumi
import pulumi_yandex as yandex
sa_api_key = yandex.IamServiceAccountApiKey("sa-api-key",
description="api key for authorization",
pgp_key="keybase:keybaseusername",
service_account_id="some_sa_id")
import * as pulumi from "@pulumi/pulumi";
import * as yandex from "@pulumi/yandex";
const sa_api_key = new yandex.IamServiceAccountApiKey("sa-api-key", {
description: "api key for authorization",
pgpKey: "keybase:keybaseusername",
serviceAccountId: "some_sa_id",
});
Coming soon!
Create IamServiceAccountApiKey Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new IamServiceAccountApiKey(name: string, args: IamServiceAccountApiKeyArgs, opts?: CustomResourceOptions);
@overload
def IamServiceAccountApiKey(resource_name: str,
args: IamServiceAccountApiKeyArgs,
opts: Optional[ResourceOptions] = None)
@overload
def IamServiceAccountApiKey(resource_name: str,
opts: Optional[ResourceOptions] = None,
service_account_id: Optional[str] = None,
description: Optional[str] = None,
pgp_key: Optional[str] = None)
func NewIamServiceAccountApiKey(ctx *Context, name string, args IamServiceAccountApiKeyArgs, opts ...ResourceOption) (*IamServiceAccountApiKey, error)
public IamServiceAccountApiKey(string name, IamServiceAccountApiKeyArgs args, CustomResourceOptions? opts = null)
public IamServiceAccountApiKey(String name, IamServiceAccountApiKeyArgs args)
public IamServiceAccountApiKey(String name, IamServiceAccountApiKeyArgs args, CustomResourceOptions options)
type: yandex:IamServiceAccountApiKey
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args IamServiceAccountApiKeyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args IamServiceAccountApiKeyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args IamServiceAccountApiKeyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args IamServiceAccountApiKeyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args IamServiceAccountApiKeyArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var iamServiceAccountApiKeyResource = new Yandex.IamServiceAccountApiKey("iamServiceAccountApiKeyResource", new()
{
ServiceAccountId = "string",
Description = "string",
PgpKey = "string",
});
example, err := yandex.NewIamServiceAccountApiKey(ctx, "iamServiceAccountApiKeyResource", &yandex.IamServiceAccountApiKeyArgs{
ServiceAccountId: pulumi.String("string"),
Description: pulumi.String("string"),
PgpKey: pulumi.String("string"),
})
var iamServiceAccountApiKeyResource = new IamServiceAccountApiKey("iamServiceAccountApiKeyResource", IamServiceAccountApiKeyArgs.builder()
.serviceAccountId("string")
.description("string")
.pgpKey("string")
.build());
iam_service_account_api_key_resource = yandex.IamServiceAccountApiKey("iamServiceAccountApiKeyResource",
service_account_id="string",
description="string",
pgp_key="string")
const iamServiceAccountApiKeyResource = new yandex.IamServiceAccountApiKey("iamServiceAccountApiKeyResource", {
serviceAccountId: "string",
description: "string",
pgpKey: "string",
});
type: yandex:IamServiceAccountApiKey
properties:
description: string
pgpKey: string
serviceAccountId: string
IamServiceAccountApiKey Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The IamServiceAccountApiKey resource accepts the following input properties:
- Service
Account stringId - ID of the service account to an API key for.
- Description string
- The description of the key.
- Pgp
Key string - An optional PGP key to encrypt the resulting secret key material. May either be a base64-encoded public key or a keybase username in the form
keybase:keybaseusername
.
- Service
Account stringId - ID of the service account to an API key for.
- Description string
- The description of the key.
- Pgp
Key string - An optional PGP key to encrypt the resulting secret key material. May either be a base64-encoded public key or a keybase username in the form
keybase:keybaseusername
.
- service
Account StringId - ID of the service account to an API key for.
- description String
- The description of the key.
- pgp
Key String - An optional PGP key to encrypt the resulting secret key material. May either be a base64-encoded public key or a keybase username in the form
keybase:keybaseusername
.
- service
Account stringId - ID of the service account to an API key for.
- description string
- The description of the key.
- pgp
Key string - An optional PGP key to encrypt the resulting secret key material. May either be a base64-encoded public key or a keybase username in the form
keybase:keybaseusername
.
- service_
account_ strid - ID of the service account to an API key for.
- description str
- The description of the key.
- pgp_
key str - An optional PGP key to encrypt the resulting secret key material. May either be a base64-encoded public key or a keybase username in the form
keybase:keybaseusername
.
- service
Account StringId - ID of the service account to an API key for.
- description String
- The description of the key.
- pgp
Key String - An optional PGP key to encrypt the resulting secret key material. May either be a base64-encoded public key or a keybase username in the form
keybase:keybaseusername
.
Outputs
All input properties are implicitly available as output properties. Additionally, the IamServiceAccountApiKey resource produces the following output properties:
- Created
At string - Creation timestamp of the static access key.
- Encrypted
Secret stringKey - The encrypted secret key, base64 encoded. This is only populated when
pgp_key
is supplied. - Id string
- The provider-assigned unique ID for this managed resource.
- Key
Fingerprint string - The fingerprint of the PGP key used to encrypt the secret key. This is only populated when
pgp_key
is supplied. - Secret
Key string - The secret key. This is only populated when no
pgp_key
is provided.
- Created
At string - Creation timestamp of the static access key.
- Encrypted
Secret stringKey - The encrypted secret key, base64 encoded. This is only populated when
pgp_key
is supplied. - Id string
- The provider-assigned unique ID for this managed resource.
- Key
Fingerprint string - The fingerprint of the PGP key used to encrypt the secret key. This is only populated when
pgp_key
is supplied. - Secret
Key string - The secret key. This is only populated when no
pgp_key
is provided.
- created
At String - Creation timestamp of the static access key.
- encrypted
Secret StringKey - The encrypted secret key, base64 encoded. This is only populated when
pgp_key
is supplied. - id String
- The provider-assigned unique ID for this managed resource.
- key
Fingerprint String - The fingerprint of the PGP key used to encrypt the secret key. This is only populated when
pgp_key
is supplied. - secret
Key String - The secret key. This is only populated when no
pgp_key
is provided.
- created
At string - Creation timestamp of the static access key.
- encrypted
Secret stringKey - The encrypted secret key, base64 encoded. This is only populated when
pgp_key
is supplied. - id string
- The provider-assigned unique ID for this managed resource.
- key
Fingerprint string - The fingerprint of the PGP key used to encrypt the secret key. This is only populated when
pgp_key
is supplied. - secret
Key string - The secret key. This is only populated when no
pgp_key
is provided.
- created_
at str - Creation timestamp of the static access key.
- encrypted_
secret_ strkey - The encrypted secret key, base64 encoded. This is only populated when
pgp_key
is supplied. - id str
- The provider-assigned unique ID for this managed resource.
- key_
fingerprint str - The fingerprint of the PGP key used to encrypt the secret key. This is only populated when
pgp_key
is supplied. - secret_
key str - The secret key. This is only populated when no
pgp_key
is provided.
- created
At String - Creation timestamp of the static access key.
- encrypted
Secret StringKey - The encrypted secret key, base64 encoded. This is only populated when
pgp_key
is supplied. - id String
- The provider-assigned unique ID for this managed resource.
- key
Fingerprint String - The fingerprint of the PGP key used to encrypt the secret key. This is only populated when
pgp_key
is supplied. - secret
Key String - The secret key. This is only populated when no
pgp_key
is provided.
Look up Existing IamServiceAccountApiKey Resource
Get an existing IamServiceAccountApiKey resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: IamServiceAccountApiKeyState, opts?: CustomResourceOptions): IamServiceAccountApiKey
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
created_at: Optional[str] = None,
description: Optional[str] = None,
encrypted_secret_key: Optional[str] = None,
key_fingerprint: Optional[str] = None,
pgp_key: Optional[str] = None,
secret_key: Optional[str] = None,
service_account_id: Optional[str] = None) -> IamServiceAccountApiKey
func GetIamServiceAccountApiKey(ctx *Context, name string, id IDInput, state *IamServiceAccountApiKeyState, opts ...ResourceOption) (*IamServiceAccountApiKey, error)
public static IamServiceAccountApiKey Get(string name, Input<string> id, IamServiceAccountApiKeyState? state, CustomResourceOptions? opts = null)
public static IamServiceAccountApiKey get(String name, Output<String> id, IamServiceAccountApiKeyState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Created
At string - Creation timestamp of the static access key.
- Description string
- The description of the key.
- Encrypted
Secret stringKey - The encrypted secret key, base64 encoded. This is only populated when
pgp_key
is supplied. - Key
Fingerprint string - The fingerprint of the PGP key used to encrypt the secret key. This is only populated when
pgp_key
is supplied. - Pgp
Key string - An optional PGP key to encrypt the resulting secret key material. May either be a base64-encoded public key or a keybase username in the form
keybase:keybaseusername
. - Secret
Key string - The secret key. This is only populated when no
pgp_key
is provided. - Service
Account stringId - ID of the service account to an API key for.
- Created
At string - Creation timestamp of the static access key.
- Description string
- The description of the key.
- Encrypted
Secret stringKey - The encrypted secret key, base64 encoded. This is only populated when
pgp_key
is supplied. - Key
Fingerprint string - The fingerprint of the PGP key used to encrypt the secret key. This is only populated when
pgp_key
is supplied. - Pgp
Key string - An optional PGP key to encrypt the resulting secret key material. May either be a base64-encoded public key or a keybase username in the form
keybase:keybaseusername
. - Secret
Key string - The secret key. This is only populated when no
pgp_key
is provided. - Service
Account stringId - ID of the service account to an API key for.
- created
At String - Creation timestamp of the static access key.
- description String
- The description of the key.
- encrypted
Secret StringKey - The encrypted secret key, base64 encoded. This is only populated when
pgp_key
is supplied. - key
Fingerprint String - The fingerprint of the PGP key used to encrypt the secret key. This is only populated when
pgp_key
is supplied. - pgp
Key String - An optional PGP key to encrypt the resulting secret key material. May either be a base64-encoded public key or a keybase username in the form
keybase:keybaseusername
. - secret
Key String - The secret key. This is only populated when no
pgp_key
is provided. - service
Account StringId - ID of the service account to an API key for.
- created
At string - Creation timestamp of the static access key.
- description string
- The description of the key.
- encrypted
Secret stringKey - The encrypted secret key, base64 encoded. This is only populated when
pgp_key
is supplied. - key
Fingerprint string - The fingerprint of the PGP key used to encrypt the secret key. This is only populated when
pgp_key
is supplied. - pgp
Key string - An optional PGP key to encrypt the resulting secret key material. May either be a base64-encoded public key or a keybase username in the form
keybase:keybaseusername
. - secret
Key string - The secret key. This is only populated when no
pgp_key
is provided. - service
Account stringId - ID of the service account to an API key for.
- created_
at str - Creation timestamp of the static access key.
- description str
- The description of the key.
- encrypted_
secret_ strkey - The encrypted secret key, base64 encoded. This is only populated when
pgp_key
is supplied. - key_
fingerprint str - The fingerprint of the PGP key used to encrypt the secret key. This is only populated when
pgp_key
is supplied. - pgp_
key str - An optional PGP key to encrypt the resulting secret key material. May either be a base64-encoded public key or a keybase username in the form
keybase:keybaseusername
. - secret_
key str - The secret key. This is only populated when no
pgp_key
is provided. - service_
account_ strid - ID of the service account to an API key for.
- created
At String - Creation timestamp of the static access key.
- description String
- The description of the key.
- encrypted
Secret StringKey - The encrypted secret key, base64 encoded. This is only populated when
pgp_key
is supplied. - key
Fingerprint String - The fingerprint of the PGP key used to encrypt the secret key. This is only populated when
pgp_key
is supplied. - pgp
Key String - An optional PGP key to encrypt the resulting secret key material. May either be a base64-encoded public key or a keybase username in the form
keybase:keybaseusername
. - secret
Key String - The secret key. This is only populated when no
pgp_key
is provided. - service
Account StringId - ID of the service account to an API key for.
Package Details
- Repository
- Yandex pulumi/pulumi-yandex
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
yandex
Terraform Provider.