gcloud iam service-accounts - create and manipulate service accounts
gcloud iam service-accounts GROUP | COMMAND [GCLOUD_WIDE_FLAG ...]
Create and manipulate IAM service accounts. A service account is a special Google account that belongs to your application or a VM, instead of to an individual end user. Your application uses the service account to call the Google API of a service, so that the users aren't directly involved.
Note: Service accounts use client quotas for tracking usage.
More information on service accounts can be found at: https://cloud.google.com/iam/docs/service-accounts
These flags are available to all commands: --help.
Run $ gcloud help for details.
GROUP is one of the following:
- keys
Manage service account keys.
COMMAND is one of the following:
- add-iam-policy-binding
Add an IAM policy binding to an IAM service account.
- create
Create a service account for a project.
- delete
Delete a service account from a project.
- describe
Show metadata for a service account from a project.
- disable
Disable an IAM service account.
- enable
Enable an IAM service account.
- get-iam-policy
Get the IAM policy for a service account.
- list
List all of a project's service accounts.
- remove-iam-policy-binding
Remove IAM policy binding from a service account.
- set-iam-policy
Set IAM policy for a service account.
- sign-blob
Sign a blob with a managed service account key.
- sign-jwt
Sign a JWT with a managed service account key.
- undelete
Undelete a service account for a project.
- update
Update an IAM service account.
These variants are also available:
$ gcloud alpha iam service-accounts
$ gcloud beta iam service-accounts