pulumi-gcp-kotlin/com.pulumi.gcp.serviceAccount.kotlin/KeyArgs

KeyArgs

data class KeyArgs(val keepers: Output<Map<String, Any>>? = null, val keyAlgorithm: Output<String>? = null, val privateKeyType: Output<String>? = null, val publicKeyData: Output<String>? = null, val publicKeyType: Output<String>? = null, val serviceAccountId: Output<String>? = null) : ConvertibleToJava<KeyArgs>

Example Usage

Creating A New Key

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.serviceAccount.Account;
import com.pulumi.gcp.serviceAccount.AccountArgs;
import com.pulumi.gcp.serviceAccount.Key;
import com.pulumi.gcp.serviceAccount.KeyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var myaccount = new Account("myaccount", AccountArgs.builder()
            .accountId("myaccount")
            .displayName("My Service Account")
            .build());
        var mykey = new Key("mykey", KeyArgs.builder()
            .serviceAccountId(myaccount.name())
            .publicKeyType("TYPE_X509_PEM_FILE")
            .build());
    }
}
Content copied to clipboard

Creating And Regularly Rotating A Key

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.serviceAccount.Account;
import com.pulumi.gcp.serviceAccount.AccountArgs;
import com.pulumi.time.Rotating;
import com.pulumi.time.RotatingArgs;
import com.pulumi.gcp.serviceAccount.Key;
import com.pulumi.gcp.serviceAccount.KeyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var myaccount = new Account("myaccount", AccountArgs.builder()
            .accountId("myaccount")
            .displayName("My Service Account")
            .build());
        var mykeyRotation = new Rotating("mykeyRotation", RotatingArgs.builder()
            .rotationDays(30)
            .build());
        var mykey = new Key("mykey", KeyArgs.builder()
            .serviceAccountId(myaccount.name())
            .keepers(Map.of("rotation_time", mykeyRotation.rotationRfc3339()))
            .build());
    }
}
Content copied to clipboard

Import

This resource does not support import.

Constructors

Link copied to clipboard
constructor(keepers: Output<Map<String, Any>>? = null, keyAlgorithm: Output<String>? = null, privateKeyType: Output<String>? = null, publicKeyData: Output<String>? = null, publicKeyType: Output<String>? = null, serviceAccountId: Output<String>? = null)

Properties

Link copied to clipboard
val keepers: Output<Map<String, Any>>? = null

Arbitrary map of values that, when changed, will trigger a new key to be generated.

Link copied to clipboard
val keyAlgorithm: Output<String>? = null

The algorithm used to generate the key. KEY_ALG_RSA_2048 is the default algorithm. Valid values are listed at ServiceAccountPrivateKeyType (only used on create)

Link copied to clipboard
val privateKeyType: Output<String>? = null

The output format of the private key. TYPE_GOOGLE_CREDENTIALS_FILE is the default output format.

Link copied to clipboard
val publicKeyData: Output<String>? = null

Public key data to create a service account key for given service account. The expected format for this field is a base64 encoded X509_PEM and it conflicts with public_key_type and private_key_type.

Link copied to clipboard
val publicKeyType: Output<String>? = null

The output format of the public key requested. TYPE_X509_PEM_FILE is the default output format.

Link copied to clipboard
val serviceAccountId: Output<String>? = null

The Service account id of the Key. This can be a string in the format {ACCOUNT} or projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}. If the {ACCOUNT}-only syntax is used, either the full email address of the service account or its name can be specified as a value, in which case the project will automatically be inferred from the account. Otherwise, if the projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT} syntax is used, the {ACCOUNT} specified can be the full email address of the service account or the service account's unique id. Substituting - as a wildcard for the {PROJECT_ID} will infer the project from the account.

Functions

Link copied to clipboard
open override fun toJava(): KeyArgs