gcloud alpha iam service-accounts keys upload - upload a public key for an IAM service account
gcloud alpha iam service-accounts keys upload PUBLIC_KEY_FILE --iam-account=IAM_ACCOUNT [GCLOUD_WIDE_FLAG ...]
(ALPHA) Upload a public key for an IAM service account.
If the service account does not exist, this command returns a PERMISSION_DENIED error.
The following command uploads a public key certificate to a service account:.RS 2m gcloud alpha iam service-accounts keys upload test_data/public_key.cert --iam-account=my-iam-account@my-project.iam.gserviceaccount.com
- PUBLIC_KEY_FILE
Path of the file containing the public key. Note that only public key data in the format of RSA_X509_PEM is supported. See https://cloud.google.com/iot/docs/concepts/device-security#public_key_format for more information.
- IamAccount resource - The service account for which to upload a key. This
represents a Cloud resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. To set the project attribute:
- —
provide the argument --iam-account on the command line with a fully specified name;
- —
set the property core/project;
- —
provide the argument --project on the command line.
This must be specified.
- --iam-account=IAM_ACCOUNT
ID of the iamAccount or fully qualified identifier for the iamAccount. To set the iam-account attribute:
provide the argument --iam-account on the command line.
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
This command uses the iam/v1 API. The full documentation for this API can be found at: https://cloud.google.com/iam/
This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early access allowlist. These variants are also available:
$ gcloud iam service-accounts keys upload
$ gcloud beta iam service-accounts keys upload