Identity and Access Management API, gRPC: KeyService
A set of methods for managing Key resources.
Call | Description |
---|---|
Get | Returns the specified Key resource. |
List | Retrieves the list of Key resources for the specified service account. |
Create | Creates a key pair for the specified service account. |
Update | Updates the specified key pair. |
Delete | Deletes the specified key pair. |
ListOperations | Lists operations for the specified key. |
Calls KeyService
Get
Returns the specified Key resource.
To get the list of available Key resources, make a List request.
rpc Get (GetKeyRequest) returns (Key)
GetKeyRequest
Field | Description |
---|---|
key_id | string Required. ID of the Key resource to return. To get the ID use a KeyService.List request. The maximum string length in characters is 50. |
format | enum KeyFormat Output format of the key.
|
Key
Field | Description |
---|---|
id | string ID of the Key resource. |
subject | oneof: user_account_id or service_account_id |
user_account_id | string ID of the user account that the Key resource belongs to. |
service_account_id | string ID of the service account that the Key resource belongs to. |
created_at | google.protobuf.Timestamp Creation timestamp. |
description | string Description of the Key resource. 0-256 characters long. |
key_algorithm | enum Algorithm An algorithm used to generate a key pair of the Key resource.
|
public_key | string A public key of the Key resource. |
last_used_at | google.protobuf.Timestamp Timestamp for the last use of this key. |
List
Retrieves the list of Key resources for the specified service account.
rpc List (ListKeysRequest) returns (ListKeysResponse)
ListKeysRequest
Field | Description |
---|---|
format | enum KeyFormat Output format of the key.
|
service_account_id | string ID of the service account to list key pairs for. To get the service account ID, use a yandex.cloud.iam.v1.ServiceAccountService.List request. If not specified, it defaults to the subject that made the request. The maximum string length in characters is 50. |
page_size | int64 The maximum number of results per page to return. If the number of available results is larger than page_size , the service returns a ListKeysResponse.next_page_token that can be used to get the next page of results in subsequent list requests. Default value: 100. The maximum value is 1000. |
page_token | string Page token. To get the next page of results, set page_token to the ListKeysResponse.next_page_token returned by a previous list request. The maximum string length in characters is 2000. |
ListKeysResponse
Field | Description |
---|---|
keys[] | Key List of Key resources. |
next_page_token | string This token allows you to get the next page of results for list requests. If the number of results is larger than ListKeysRequest.page_size, use the next_page_token as the value for the ListKeysRequest.page_token query parameter in the next list request. Each subsequent list request will have its own next_page_token to continue paging through the results. |
Key
Field | Description |
---|---|
id | string ID of the Key resource. |
subject | oneof: user_account_id or service_account_id |
user_account_id | string ID of the user account that the Key resource belongs to. |
service_account_id | string ID of the service account that the Key resource belongs to. |
created_at | google.protobuf.Timestamp Creation timestamp. |
description | string Description of the Key resource. 0-256 characters long. |
key_algorithm | enum Algorithm An algorithm used to generate a key pair of the Key resource.
|
public_key | string A public key of the Key resource. |
last_used_at | google.protobuf.Timestamp Timestamp for the last use of this key. |
Create
Creates a key pair for the specified service account.
rpc Create (CreateKeyRequest) returns (CreateKeyResponse)
CreateKeyRequest
Field | Description |
---|---|
service_account_id | string ID of the service account to create a key pair for. To get the service account ID, use a yandex.cloud.iam.v1.ServiceAccountService.List request. If not specified, it defaults to the subject that made the request. The maximum string length in characters is 50. |
description | string Description of the key pair. The maximum string length in characters is 256. |
format | enum KeyFormat Output format of the key.
|
key_algorithm | Key.Algorithm An algorithm used to generate a key pair of the Key resource. |
CreateKeyResponse
Field | Description |
---|---|
key | Key Key resource. |
private_key | string A private key of the Key resource. This key must be stored securely. |
Key
Field | Description |
---|---|
id | string ID of the Key resource. |
subject | oneof: user_account_id or service_account_id |
user_account_id | string ID of the user account that the Key resource belongs to. |
service_account_id | string ID of the service account that the Key resource belongs to. |
created_at | google.protobuf.Timestamp Creation timestamp. |
description | string Description of the Key resource. 0-256 characters long. |
key_algorithm | enum Algorithm An algorithm used to generate a key pair of the Key resource.
|
public_key | string A public key of the Key resource. |
last_used_at | google.protobuf.Timestamp Timestamp for the last use of this key. |
Update
Updates the specified key pair.
rpc Update (UpdateKeyRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:UpdateKeyMetadata
Operation.response:Key
UpdateKeyRequest
Field | Description |
---|---|
key_id | string Required. ID of the Key resource to update. To get key pair ID, use a KeyService.List request. The maximum string length in characters is 50. |
update_mask | google.protobuf.FieldMask Field mask that specifies which fields of the Key resource are going to be updated. |
description | string Description of the key pair. The maximum string length in characters is 256. |
Operation
Field | Description |
---|---|
id | string ID of the operation. |
description | string Description of the operation. 0-256 characters long. |
created_at | google.protobuf.Timestamp Creation timestamp. |
created_by | string ID of the user or service account who initiated the operation. |
modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
done | bool If the value is false , it means the operation is still in progress. If true , the operation is completed, and either error or response is available. |
metadata | google.protobuf.Any Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
result | oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true , exactly one of error or response is set. |
error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
response | google.protobuf.Any if operation finished successfully. |
UpdateKeyMetadata
Field | Description |
---|---|
key_id | string ID of the Key resource that is being updated. |
Key
Field | Description |
---|---|
id | string ID of the Key resource. |
subject | oneof: user_account_id or service_account_id |
user_account_id | string ID of the user account that the Key resource belongs to. |
service_account_id | string ID of the service account that the Key resource belongs to. |
created_at | google.protobuf.Timestamp Creation timestamp. |
description | string Description of the Key resource. 0-256 characters long. |
key_algorithm | enum Algorithm An algorithm used to generate a key pair of the Key resource.
|
public_key | string A public key of the Key resource. |
last_used_at | google.protobuf.Timestamp Timestamp for the last use of this key. |
Delete
Deletes the specified key pair.
rpc Delete (DeleteKeyRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:DeleteKeyMetadata
Operation.response:google.protobuf.Empty
DeleteKeyRequest
Field | Description |
---|---|
key_id | string Required. ID of the key to delete. To get key ID use a KeyService.List request. The maximum string length in characters is 50. |
Operation
Field | Description |
---|---|
id | string ID of the operation. |
description | string Description of the operation. 0-256 characters long. |
created_at | google.protobuf.Timestamp Creation timestamp. |
created_by | string ID of the user or service account who initiated the operation. |
modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
done | bool If the value is false , it means the operation is still in progress. If true , the operation is completed, and either error or response is available. |
metadata | google.protobuf.Any Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
result | oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true , exactly one of error or response is set. |
error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
response | google.protobuf.Any if operation finished successfully. |
DeleteKeyMetadata
Field | Description |
---|---|
key_id | string ID of the key that is being deleted. |
ListOperations
Lists operations for the specified key.
rpc ListOperations (ListKeyOperationsRequest) returns (ListKeyOperationsResponse)
ListKeyOperationsRequest
Field | Description |
---|---|
key_id | string Required. ID of the key to list operations for. The maximum string length in characters is 50. |
page_size | int64 The maximum number of results per page to return. If the number of available results is larger than page_size , the service returns a ListKeyOperationsResponse.next_page_token that can be used to get the next page of results in subsequent list requests. Default value: 100. Acceptable values are 0 to 1000, inclusive. |
page_token | string Page token. To get the next page of results, set page_token to the ListKeyOperationsResponse.next_page_token returned by a previous list request. The maximum string length in characters is 2000. |
ListKeyOperationsResponse
Field | Description |
---|---|
operations[] | operation.Operation List of operations for the specified key. |
next_page_token | string This token allows you to get the next page of results for list requests. If the number of results is larger than ListKeyOperationsRequest.page_size, use the next_page_token as the value for the ListKeyOperationsRequest.page_token query parameter in the next list request. Each subsequent list request will have its own next_page_token to continue paging through the results. |
Operation
Field | Description |
---|---|
id | string ID of the operation. |
description | string Description of the operation. 0-256 characters long. |
created_at | google.protobuf.Timestamp Creation timestamp. |
created_by | string ID of the user or service account who initiated the operation. |
modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
done | bool If the value is false , it means the operation is still in progress. If true , the operation is completed, and either error or response is available. |
metadata | google.protobuf.Any Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
result | oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true , exactly one of error or response is set. |
error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
response | google.protobuf.Any The normal response of the operation in case of success. If the original method returns no data on success, such as Delete, the response is google.protobuf.Empty |