Deleting API keys
- In the management console
, navigate to the folder the service account belongs to. - At the top of the screen, go to the Service accounts tab.
- Choose a service account and click the row with its name.
- In the Authorized keys list, find an API key to be deleted.
- Click
in the row of the key. - Select Delete.
- In the window that opens, click Delete.
If you do not have the Yandex Cloud command line interface yet, install and initialize it.
-
Get a list of API
ID
s for a specific service account. Specify the service account name in the--service-account-name
parameter:yc iam api-key list --service-account-name <service_account_name>
Result:
+----------------------+---------------------+ | ID | CREATED AT | +----------------------+---------------------+ | ajenhvftf77r******** | 2022-03-13 21:15:40 | | ajeq610sgh05******** | 2022-03-13 21:14:43 | +----------------------+---------------------+
The folder specified in the CLI profile is used by default to search for the service account. You can specify a different folder using the
--folder-name
or--folder-id
flag. -
Delete the old API key. Instead of
<ID>
specify the API key ID:yc iam api-key delete <ID>
If you don't have Terraform, install it and configure the Yandex Cloud provider.
-
Open the Terraform configuration file and delete the fragment with the API key description.
Example API key description in the Terraform configuration:
resource "yandex_iam_service_account_api_key" "sa-api-key" { service_account_id = "<service_account_ID>" description = "<key_description>" pgp_key = "<PGP_key>" }
-
Delete the record with information about the resource.
For more information about the resources you can create with Terraform, see the provider documentation
. -
Make sure the configuration files are correct.
-
In the command line, go to the folder where you created the configuration file.
-
Run a check using this command:
terraform plan
If the configuration is described correctly, the terminal will display a list of created resources and their parameters. If the configuration contains any errors, Terraform will point them out.
-
-
Deploy cloud resources.
-
If the configuration does not contain any errors, run this command:
terraform apply
-
Confirm creating the resources: type
yes
in the terminal and press Enter.
All the resources you need will then be created in the specified folder. You can check the new resources and their configuration using the management console
and this CLI command:yc iam key list --service-account-id <service_account_ID>
-
Delete the API key using the delete REST API method for the ApiKey resource:
export APIKEY_ID=ajeke74kbp5b********
export IAM_TOKEN=CggaATEVAgA...
curl -X DELETE -H "Authorization: Bearer $IAM_TOKEN" \
https://iam.api.cloud.yandex.net/iam/v1/apiKeys/$APIKEY_ID
You can also delete the API key using the ApiKeyService/Delete gRPC API call.