Method create

Creates a key pair for the specified service account.

HTTP request

POST https://iam.api.cloud.yandex.net/iam/v1/keys

Body parameters

 {
  "serviceAccountId": "string",
  "description": "string",
  "format": "string",
  "keyAlgorithm": "string"
}
Field Description
serviceAccountId string

ID of the service account to create a key pair for. To get the service account ID, use a list request. If not specified, it defaults to the subject that made the request.

The maximum string length in characters is 50.

description string

Description of the key pair.

The maximum string length in characters is 256.

format string

Output format of the key.

  • PEM_FILE: Privacy-Enhanced Mail (PEM) format. Default value.
keyAlgorithm string

An algorithm used to generate a key pair of the Key resource.

  • RSA_2048: RSA with a 2048-bit key size. Default value.
  • RSA_4096: RSA with a 4096-bit key size.

Response

HTTP Code: 200 - OK

 {
  "key": {
    "id": "string",
    "createdAt": "string",
    "description": "string",
    "keyAlgorithm": "string",
    "publicKey": "string",

    // `key`includes only one of the fields `userAccountId`, `serviceAccountId`
    "userAccountId": "string",
    "serviceAccountId": "string",
    // end of the list of possible fields`key`

  },
  "privateKey": "string"
}
Field Description
key object

Key resource.

A Key resource. For more information, see Keys.

key.
id
string

ID of the Key resource.

key.
createdAt
string (date-time)

Creation timestamp in RFC3339 text format.

key.
description
string

Description of the Key resource. 0-256 characters long.

key.
keyAlgorithm
string
  • RSA_2048: RSA with a 2048-bit key size. Default value.
  • RSA_4096: RSA with a 4096-bit key size.
key.
publicKey
string

A public key of the Key resource.

key.
userAccountId
string
key includes only one of the fields userAccountId, serviceAccountId

ID of the user account that the Key resource belongs to.

key.
serviceAccountId
string
key includes only one of the fields userAccountId, serviceAccountId

ID of the service account that the Key resource belongs to.

privateKey string

A private key of the Key resource. This key must be stored securely.