yc iam key create

Written by

Updated at January 27, 2026

Create an IAM key for for authenticated account or the specified service account.
Created key will be written to file in JSON format.

Command Usage

Syntax:

yc iam key create [Flags...] [Global Flags...]

Flags

Flag	Description
`-o`, `--output`	`string` The path where the resulting IAM key should be written.
`--service-account-id`	`string` service account id.
`--service-account-name`	`string` service account name.
`--description`	`string` Specifies a textual description of the service account.
`--algorithm`	`string` Specifies key algorithm. Otherwise server default will be used. Values: 'rsa-2048', 'rsa-4096'

Global Flags

Flag	Description
`--profile`	`string` Set the custom configuration file.
`--debug`	Debug logging.
`--debug-grpc`	Debug gRPC logging. Very verbose, used for debugging connection problems.
`--no-user-output`	Disable printing user intended output to stderr.
`--retry`	`int` Enable gRPC retries. By default, retries are enabled with maximum 5 attempts. Pass 0 to disable retries. Pass any negative value for infinite retries. Even infinite retries are capped with 2 minutes timeout.
`--cloud-id`	`string` Set the ID of the cloud to use.
`--folder-id`	`string` Set the ID of the folder to use.
`--folder-name`	`string` Set the name of the folder to use (will be resolved to id).
`--endpoint`	`string` Set the Cloud API endpoint (host:port).
`--token`	`string` Set the OAuth token to use.
`--impersonate-service-account-id`	`string` Set the ID of the service account to impersonate.
`--no-browser`	Disable opening browser for authentication.
`--format`	`string` Set the output format: text (default), yaml, json, json-rest.
`--jq`	`string` Query to select values from the response using jq syntax
`-h`, `--help`	Display help for the command.

Was the article helpful?

Previous

Next