Deleting API keys
- In the management console
, navigate to the folder the service account belongs to. - In the list of services, select Identity and Access Management.
- In the left-hand panel, select
Service accounts and select the required service account. - Under API keys, click
in the line with the API key to delete, and select Delete. - In the window that opens, confirm the deletion.
If you do not have the Yandex Cloud command line interface yet, install and initialize it.
-
Get a list of API key
ID
s for a specific service account. Specify the service account name in the--service-account-name
parameter:yc iam api-key list --service-account-name <service_account_name>
Result:
+----------------------+---------------------+ | ID | CREATED AT | +----------------------+---------------------+ | ajenhvftf77r******** | 2022-03-13 21:15:40 | | ajeq610sgh05******** | 2022-03-13 21:14:43 | +----------------------+---------------------+
The folder specified in the CLI profile is used by default to search for the service account. You can specify a different folder using the
--folder-name
or--folder-id
flag. -
Delete the old API key. Replace
<ID>
with your API key ID:yc iam api-key delete <ID>
If you don't have Terraform, install it and configure the Yandex Cloud provider.
-
Open the Terraform configuration file and delete the fragment with the API key description.
Example API key description in the Terraform configuration:
resource "yandex_iam_service_account_api_key" "sa-api-key" { service_account_id = "<service_account_ID>" description = "<key_description>" pgp_key = "<PGP_key>" }
-
Delete the record with information about the resource.
For more information about the resources you can create with Terraform, see the provider documentation
. -
Make sure the configuration files are correct.
-
In the command line, go to the folder where you created the configuration file.
-
Run a check using this command:
terraform plan
If the configuration is described correctly, the terminal will display a list of created resources and their parameters. If the configuration contains any errors, Terraform will point them out.
-
-
Deploy cloud resources.
-
If the configuration does not contain any errors, run this command:
terraform apply
-
Confirm creating the resources: type
yes
in the terminal and press Enter.
All the resources you need will then be created in the specified folder. You can check the new resources and their settings using the management console
and this CLI command:yc iam key list --service-account-id <service_account_ID>
-
Delete the API key using the delete REST API method for the ApiKey resource:
export APIKEY_ID=ajeke74kbp5b********
export IAM_TOKEN=CggaATEVAgA...
curl \
--request DELETE \
--header "Authorization: Bearer $IAM_TOKEN" \
https://iam.api.cloud.yandex.net/iam/v1/apiKeys/$APIKEY_ID
You can also delete the API key using the ApiKeyService/Delete gRPC API call.