1. Packages
  2. Yandex
  3. API Docs
  4. IamServiceAccountKey
Yandex v0.13.0 published on Tuesday, Feb 22, 2022 by Pulumi

yandex.IamServiceAccountKey

Explore with Pulumi AI

yandex logo
Yandex v0.13.0 published on Tuesday, Feb 22, 2022 by Pulumi

    Allows management of Yandex.Cloud IAM service account authorized keys. Generated pair of keys is used to create a JSON Web Token which is necessary for requesting an IAM Token for a service account.

    Example Usage

    This snippet creates an authorized keys pair.

    using Pulumi;
    using Yandex = Pulumi.Yandex;
    
    class MyStack : Stack
    {
        public MyStack()
        {
            var sa_auth_key = new Yandex.IamServiceAccountKey("sa-auth-key", new Yandex.IamServiceAccountKeyArgs
            {
                Description = "key for service account",
                KeyAlgorithm = "RSA_4096",
                PgpKey = "keybase:keybaseusername",
                ServiceAccountId = "some_sa_id",
            });
        }
    
    }
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-yandex/sdk/go/yandex"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := yandex.NewIamServiceAccountKey(ctx, "sa-auth-key", &yandex.IamServiceAccountKeyArgs{
    			Description:      pulumi.String("key for service account"),
    			KeyAlgorithm:     pulumi.String("RSA_4096"),
    			PgpKey:           pulumi.String("keybase:keybaseusername"),
    			ServiceAccountId: pulumi.String("some_sa_id"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    

    Coming soon!

    import pulumi
    import pulumi_yandex as yandex
    
    sa_auth_key = yandex.IamServiceAccountKey("sa-auth-key",
        description="key for service account",
        key_algorithm="RSA_4096",
        pgp_key="keybase:keybaseusername",
        service_account_id="some_sa_id")
    
    import * as pulumi from "@pulumi/pulumi";
    import * as yandex from "@pulumi/yandex";
    
    const sa_auth_key = new yandex.IamServiceAccountKey("sa-auth-key", {
        description: "key for service account",
        keyAlgorithm: "RSA_4096",
        pgpKey: "keybase:keybaseusername",
        serviceAccountId: "some_sa_id",
    });
    

    Coming soon!

    Create IamServiceAccountKey Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new IamServiceAccountKey(name: string, args: IamServiceAccountKeyArgs, opts?: CustomResourceOptions);
    @overload
    def IamServiceAccountKey(resource_name: str,
                             args: IamServiceAccountKeyArgs,
                             opts: Optional[ResourceOptions] = None)
    
    @overload
    def IamServiceAccountKey(resource_name: str,
                             opts: Optional[ResourceOptions] = None,
                             service_account_id: Optional[str] = None,
                             description: Optional[str] = None,
                             format: Optional[str] = None,
                             key_algorithm: Optional[str] = None,
                             pgp_key: Optional[str] = None)
    func NewIamServiceAccountKey(ctx *Context, name string, args IamServiceAccountKeyArgs, opts ...ResourceOption) (*IamServiceAccountKey, error)
    public IamServiceAccountKey(string name, IamServiceAccountKeyArgs args, CustomResourceOptions? opts = null)
    public IamServiceAccountKey(String name, IamServiceAccountKeyArgs args)
    public IamServiceAccountKey(String name, IamServiceAccountKeyArgs args, CustomResourceOptions options)
    
    type: yandex:IamServiceAccountKey
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args IamServiceAccountKeyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args IamServiceAccountKeyArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args IamServiceAccountKeyArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args IamServiceAccountKeyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args IamServiceAccountKeyArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var iamServiceAccountKeyResource = new Yandex.IamServiceAccountKey("iamServiceAccountKeyResource", new()
    {
        ServiceAccountId = "string",
        Description = "string",
        Format = "string",
        KeyAlgorithm = "string",
        PgpKey = "string",
    });
    
    example, err := yandex.NewIamServiceAccountKey(ctx, "iamServiceAccountKeyResource", &yandex.IamServiceAccountKeyArgs{
    	ServiceAccountId: pulumi.String("string"),
    	Description:      pulumi.String("string"),
    	Format:           pulumi.String("string"),
    	KeyAlgorithm:     pulumi.String("string"),
    	PgpKey:           pulumi.String("string"),
    })
    
    var iamServiceAccountKeyResource = new IamServiceAccountKey("iamServiceAccountKeyResource", IamServiceAccountKeyArgs.builder()
        .serviceAccountId("string")
        .description("string")
        .format("string")
        .keyAlgorithm("string")
        .pgpKey("string")
        .build());
    
    iam_service_account_key_resource = yandex.IamServiceAccountKey("iamServiceAccountKeyResource",
        service_account_id="string",
        description="string",
        format="string",
        key_algorithm="string",
        pgp_key="string")
    
    const iamServiceAccountKeyResource = new yandex.IamServiceAccountKey("iamServiceAccountKeyResource", {
        serviceAccountId: "string",
        description: "string",
        format: "string",
        keyAlgorithm: "string",
        pgpKey: "string",
    });
    
    type: yandex:IamServiceAccountKey
    properties:
        description: string
        format: string
        keyAlgorithm: string
        pgpKey: string
        serviceAccountId: string
    

    IamServiceAccountKey Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The IamServiceAccountKey resource accepts the following input properties:

    ServiceAccountId string
    ID of the service account to create a pair for.
    Description string
    The description of the key pair.
    Format string
    The output format of the keys. PEM_FILE is the default format.
    KeyAlgorithm string
    The algorithm used to generate the key. RSA_2048 is the default algorithm. Valid values are listed in the API reference.
    PgpKey string
    An optional PGP key to encrypt the resulting private key material. May either be a base64-encoded public key or a keybase username in the form keybase:keybaseusername.
    ServiceAccountId string
    ID of the service account to create a pair for.
    Description string
    The description of the key pair.
    Format string
    The output format of the keys. PEM_FILE is the default format.
    KeyAlgorithm string
    The algorithm used to generate the key. RSA_2048 is the default algorithm. Valid values are listed in the API reference.
    PgpKey string
    An optional PGP key to encrypt the resulting private key material. May either be a base64-encoded public key or a keybase username in the form keybase:keybaseusername.
    serviceAccountId String
    ID of the service account to create a pair for.
    description String
    The description of the key pair.
    format String
    The output format of the keys. PEM_FILE is the default format.
    keyAlgorithm String
    The algorithm used to generate the key. RSA_2048 is the default algorithm. Valid values are listed in the API reference.
    pgpKey String
    An optional PGP key to encrypt the resulting private key material. May either be a base64-encoded public key or a keybase username in the form keybase:keybaseusername.
    serviceAccountId string
    ID of the service account to create a pair for.
    description string
    The description of the key pair.
    format string
    The output format of the keys. PEM_FILE is the default format.
    keyAlgorithm string
    The algorithm used to generate the key. RSA_2048 is the default algorithm. Valid values are listed in the API reference.
    pgpKey string
    An optional PGP key to encrypt the resulting private key material. May either be a base64-encoded public key or a keybase username in the form keybase:keybaseusername.
    service_account_id str
    ID of the service account to create a pair for.
    description str
    The description of the key pair.
    format str
    The output format of the keys. PEM_FILE is the default format.
    key_algorithm str
    The algorithm used to generate the key. RSA_2048 is the default algorithm. Valid values are listed in the API reference.
    pgp_key str
    An optional PGP key to encrypt the resulting private key material. May either be a base64-encoded public key or a keybase username in the form keybase:keybaseusername.
    serviceAccountId String
    ID of the service account to create a pair for.
    description String
    The description of the key pair.
    format String
    The output format of the keys. PEM_FILE is the default format.
    keyAlgorithm String
    The algorithm used to generate the key. RSA_2048 is the default algorithm. Valid values are listed in the API reference.
    pgpKey String
    An optional PGP key to encrypt the resulting private key material. May either be a base64-encoded public key or a keybase username in the form keybase:keybaseusername.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the IamServiceAccountKey resource produces the following output properties:

    CreatedAt string
    Creation timestamp of the static access key.
    EncryptedPrivateKey string
    The encrypted private key, base64 encoded. This is only populated when pgp_key is supplied.
    Id string
    The provider-assigned unique ID for this managed resource.
    KeyFingerprint string
    The fingerprint of the PGP key used to encrypt the private key. This is only populated when pgp_key is supplied.
    PrivateKey string
    The private key. This is only populated when no pgp_key is provided.
    PublicKey string
    The public key.
    CreatedAt string
    Creation timestamp of the static access key.
    EncryptedPrivateKey string
    The encrypted private key, base64 encoded. This is only populated when pgp_key is supplied.
    Id string
    The provider-assigned unique ID for this managed resource.
    KeyFingerprint string
    The fingerprint of the PGP key used to encrypt the private key. This is only populated when pgp_key is supplied.
    PrivateKey string
    The private key. This is only populated when no pgp_key is provided.
    PublicKey string
    The public key.
    createdAt String
    Creation timestamp of the static access key.
    encryptedPrivateKey String
    The encrypted private key, base64 encoded. This is only populated when pgp_key is supplied.
    id String
    The provider-assigned unique ID for this managed resource.
    keyFingerprint String
    The fingerprint of the PGP key used to encrypt the private key. This is only populated when pgp_key is supplied.
    privateKey String
    The private key. This is only populated when no pgp_key is provided.
    publicKey String
    The public key.
    createdAt string
    Creation timestamp of the static access key.
    encryptedPrivateKey string
    The encrypted private key, base64 encoded. This is only populated when pgp_key is supplied.
    id string
    The provider-assigned unique ID for this managed resource.
    keyFingerprint string
    The fingerprint of the PGP key used to encrypt the private key. This is only populated when pgp_key is supplied.
    privateKey string
    The private key. This is only populated when no pgp_key is provided.
    publicKey string
    The public key.
    created_at str
    Creation timestamp of the static access key.
    encrypted_private_key str
    The encrypted private key, base64 encoded. This is only populated when pgp_key is supplied.
    id str
    The provider-assigned unique ID for this managed resource.
    key_fingerprint str
    The fingerprint of the PGP key used to encrypt the private key. This is only populated when pgp_key is supplied.
    private_key str
    The private key. This is only populated when no pgp_key is provided.
    public_key str
    The public key.
    createdAt String
    Creation timestamp of the static access key.
    encryptedPrivateKey String
    The encrypted private key, base64 encoded. This is only populated when pgp_key is supplied.
    id String
    The provider-assigned unique ID for this managed resource.
    keyFingerprint String
    The fingerprint of the PGP key used to encrypt the private key. This is only populated when pgp_key is supplied.
    privateKey String
    The private key. This is only populated when no pgp_key is provided.
    publicKey String
    The public key.

    Look up Existing IamServiceAccountKey Resource

    Get an existing IamServiceAccountKey resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: IamServiceAccountKeyState, opts?: CustomResourceOptions): IamServiceAccountKey
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            created_at: Optional[str] = None,
            description: Optional[str] = None,
            encrypted_private_key: Optional[str] = None,
            format: Optional[str] = None,
            key_algorithm: Optional[str] = None,
            key_fingerprint: Optional[str] = None,
            pgp_key: Optional[str] = None,
            private_key: Optional[str] = None,
            public_key: Optional[str] = None,
            service_account_id: Optional[str] = None) -> IamServiceAccountKey
    func GetIamServiceAccountKey(ctx *Context, name string, id IDInput, state *IamServiceAccountKeyState, opts ...ResourceOption) (*IamServiceAccountKey, error)
    public static IamServiceAccountKey Get(string name, Input<string> id, IamServiceAccountKeyState? state, CustomResourceOptions? opts = null)
    public static IamServiceAccountKey get(String name, Output<String> id, IamServiceAccountKeyState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    CreatedAt string
    Creation timestamp of the static access key.
    Description string
    The description of the key pair.
    EncryptedPrivateKey string
    The encrypted private key, base64 encoded. This is only populated when pgp_key is supplied.
    Format string
    The output format of the keys. PEM_FILE is the default format.
    KeyAlgorithm string
    The algorithm used to generate the key. RSA_2048 is the default algorithm. Valid values are listed in the API reference.
    KeyFingerprint string
    The fingerprint of the PGP key used to encrypt the private key. This is only populated when pgp_key is supplied.
    PgpKey string
    An optional PGP key to encrypt the resulting private key material. May either be a base64-encoded public key or a keybase username in the form keybase:keybaseusername.
    PrivateKey string
    The private key. This is only populated when no pgp_key is provided.
    PublicKey string
    The public key.
    ServiceAccountId string
    ID of the service account to create a pair for.
    CreatedAt string
    Creation timestamp of the static access key.
    Description string
    The description of the key pair.
    EncryptedPrivateKey string
    The encrypted private key, base64 encoded. This is only populated when pgp_key is supplied.
    Format string
    The output format of the keys. PEM_FILE is the default format.
    KeyAlgorithm string
    The algorithm used to generate the key. RSA_2048 is the default algorithm. Valid values are listed in the API reference.
    KeyFingerprint string
    The fingerprint of the PGP key used to encrypt the private key. This is only populated when pgp_key is supplied.
    PgpKey string
    An optional PGP key to encrypt the resulting private key material. May either be a base64-encoded public key or a keybase username in the form keybase:keybaseusername.
    PrivateKey string
    The private key. This is only populated when no pgp_key is provided.
    PublicKey string
    The public key.
    ServiceAccountId string
    ID of the service account to create a pair for.
    createdAt String
    Creation timestamp of the static access key.
    description String
    The description of the key pair.
    encryptedPrivateKey String
    The encrypted private key, base64 encoded. This is only populated when pgp_key is supplied.
    format String
    The output format of the keys. PEM_FILE is the default format.
    keyAlgorithm String
    The algorithm used to generate the key. RSA_2048 is the default algorithm. Valid values are listed in the API reference.
    keyFingerprint String
    The fingerprint of the PGP key used to encrypt the private key. This is only populated when pgp_key is supplied.
    pgpKey String
    An optional PGP key to encrypt the resulting private key material. May either be a base64-encoded public key or a keybase username in the form keybase:keybaseusername.
    privateKey String
    The private key. This is only populated when no pgp_key is provided.
    publicKey String
    The public key.
    serviceAccountId String
    ID of the service account to create a pair for.
    createdAt string
    Creation timestamp of the static access key.
    description string
    The description of the key pair.
    encryptedPrivateKey string
    The encrypted private key, base64 encoded. This is only populated when pgp_key is supplied.
    format string
    The output format of the keys. PEM_FILE is the default format.
    keyAlgorithm string
    The algorithm used to generate the key. RSA_2048 is the default algorithm. Valid values are listed in the API reference.
    keyFingerprint string
    The fingerprint of the PGP key used to encrypt the private key. This is only populated when pgp_key is supplied.
    pgpKey string
    An optional PGP key to encrypt the resulting private key material. May either be a base64-encoded public key or a keybase username in the form keybase:keybaseusername.
    privateKey string
    The private key. This is only populated when no pgp_key is provided.
    publicKey string
    The public key.
    serviceAccountId string
    ID of the service account to create a pair for.
    created_at str
    Creation timestamp of the static access key.
    description str
    The description of the key pair.
    encrypted_private_key str
    The encrypted private key, base64 encoded. This is only populated when pgp_key is supplied.
    format str
    The output format of the keys. PEM_FILE is the default format.
    key_algorithm str
    The algorithm used to generate the key. RSA_2048 is the default algorithm. Valid values are listed in the API reference.
    key_fingerprint str
    The fingerprint of the PGP key used to encrypt the private key. This is only populated when pgp_key is supplied.
    pgp_key str
    An optional PGP key to encrypt the resulting private key material. May either be a base64-encoded public key or a keybase username in the form keybase:keybaseusername.
    private_key str
    The private key. This is only populated when no pgp_key is provided.
    public_key str
    The public key.
    service_account_id str
    ID of the service account to create a pair for.
    createdAt String
    Creation timestamp of the static access key.
    description String
    The description of the key pair.
    encryptedPrivateKey String
    The encrypted private key, base64 encoded. This is only populated when pgp_key is supplied.
    format String
    The output format of the keys. PEM_FILE is the default format.
    keyAlgorithm String
    The algorithm used to generate the key. RSA_2048 is the default algorithm. Valid values are listed in the API reference.
    keyFingerprint String
    The fingerprint of the PGP key used to encrypt the private key. This is only populated when pgp_key is supplied.
    pgpKey String
    An optional PGP key to encrypt the resulting private key material. May either be a base64-encoded public key or a keybase username in the form keybase:keybaseusername.
    privateKey String
    The private key. This is only populated when no pgp_key is provided.
    publicKey String
    The public key.
    serviceAccountId String
    ID of the service account to create a pair for.

    Package Details

    Repository
    Yandex pulumi/pulumi-yandex
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the yandex Terraform Provider.
    yandex logo
    Yandex v0.13.0 published on Tuesday, Feb 22, 2022 by Pulumi