NAME

gcloud iam service-accounts sign-blob - sign a blob with a managed service account key

SYNOPSIS

gcloud iam service-accounts sign-blob INPUT-FILE OUTPUT-FILE --iam-account=IAM_ACCOUNT [GCLOUD_WIDE_FLAG ...]

DESCRIPTION

This command signs a file containing arbitrary binary data (a blob) using a system-managed service account key.

If the service account does not exist, this command returns a PERMISSION_DENIED error.

EXAMPLES

To sign a blob file with a system-managed service account key, run:

$ gcloud iam service-accounts sign-blob \ --iam-account=my-iam-account@my-project.iam.gserviceaccount.com \ input.bin output.bin

POSITIONAL ARGUMENTS

INPUT-FILE

A path to the blob file to be signed.

OUTPUT-FILE

A path the resulting signed blob will be written to.

REQUIRED FLAGS

--iam-account=IAM_ACCOUNT

The service account to sign as.

GCLOUD WIDE FLAGS

These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.

Run $ gcloud help for details.

SEE ALSO

For more information on how this command ties into the wider cloud infrastructure, please see https://cloud.google.com/appengine/docs/java/appidentity/

NOTES

These variants are also available:

$ gcloud alpha iam service-accounts sign-blob

$ gcloud beta iam service-accounts sign-blob