gcp_iam_service_account_key

ancestors

Type: UNORDERED_LIST_STRING

disabled

Type: BOOLEAN
Provider name: disabled
Description: The key status.

key_algorithm

Type: STRING
Provider name: keyAlgorithm
Description: Specifies the algorithm (and possibly key size) for the key.
Possible values:

  • KEY_ALG_UNSPECIFIED - An unspecified key algorithm.
  • KEY_ALG_RSA_1024 - 1k RSA Key.
  • KEY_ALG_RSA_2048 - 2k RSA Key.

key_origin

Type: STRING
Provider name: keyOrigin
Description: The key origin.
Possible values:

  • ORIGIN_UNSPECIFIED - Unspecified key origin.
  • USER_PROVIDED - Key is provided by user.
  • GOOGLE_PROVIDED - Key is provided by Google.

key_type

Type: STRING
Provider name: keyType
Description: The key type.
Possible values:

  • KEY_TYPE_UNSPECIFIED - Unspecified key type. The presence of this in the message will immediately result in an error.
  • USER_MANAGED - User-managed keys (managed and rotated by the user).
  • SYSTEM_MANAGED - System-managed keys (managed and rotated by Google).

labels

Type: UNORDERED_LIST_STRING

name

Type: STRING
Provider name: name
Description: The resource name of the service account key in the following format projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}.

organization_id

Type: STRING

parent

Type: STRING

private_key_type

Type: STRING
Provider name: privateKeyType
Description: The output format for the private key. Only provided in CreateServiceAccountKey responses, not in GetServiceAccountKey or ListServiceAccountKey responses. Google never exposes system-managed private keys, and never retains user-managed private keys.
Possible values:

  • TYPE_UNSPECIFIED - Unspecified. Equivalent to TYPE_GOOGLE_CREDENTIALS_FILE.
  • TYPE_PKCS12_FILE - PKCS12 format. The password for the PKCS12 file is notasecret. For more information, see https://tools.ietf.org/html/rfc7292.
  • TYPE_GOOGLE_CREDENTIALS_FILE - Google Credentials File format.

project_id

Type: STRING

project_number

Type: STRING

resource_name

Type: STRING

tags

Type: UNORDERED_LIST_STRING

valid_after_time

Type: TIMESTAMP
Provider name: validAfterTime
Description: The key can be used after this timestamp.

valid_before_time

Type: TIMESTAMP
Provider name: validBeforeTime
Description: The key can be used before this timestamp. For system-managed key pairs, this timestamp is the end time for the private key signing operation. The public key could still be used for verification for a few hours after this time.

PREVIEWING: rtrieu/product-analytics-ui-changes