NAME

gcloud alpha iam service-accounts keys upload - upload a public key for an IAM service account

SYNOPSIS

gcloud alpha iam service-accounts keys upload PUBLIC_KEY_FILE --iam-account=IAM_ACCOUNT [GCLOUD_WIDE_FLAG ...]

DESCRIPTION

(ALPHA) Upload a public key for an IAM service account.

If the service account does not exist, this command returns a PERMISSION_DENIED error.

EXAMPLES

The following command uploads a public key certificate to a service account:.RS 2m gcloud alpha iam service-accounts keys upload test_data/public_key.cert --iam-account=my-iam-account@my-project.iam.gserviceaccount.com

POSITIONAL ARGUMENTS

PUBLIC_KEY_FILE

Path of the file containing the public key. Note that only public key data in the format of RSA_X509_PEM is supported. See https://cloud.google.com/iot/docs/concepts/device-security#public_key_format for more information.

REQUIRED FLAGS

IamAccount resource - The service account for which to upload a key. This

represents a Cloud resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. To set the project attribute:

provide the argument --iam-account on the command line with a fully specified name;

set the property core/project;

provide the argument --project on the command line.

This must be specified.

--iam-account=IAM_ACCOUNT

ID of the iamAccount or fully qualified identifier for the iamAccount. To set the iam-account attribute:

  • provide the argument --iam-account on the command line.

GCLOUD WIDE FLAGS

These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.

Run $ gcloud help for details.

API REFERENCE

This command uses the iam/v1 API. The full documentation for this API can be found at: https://cloud.google.com/iam/

NOTES

This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early access allowlist. These variants are also available:

$ gcloud iam service-accounts keys upload

$ gcloud beta iam service-accounts keys upload