Creating a service account

Create a service account to manage resources under a different account.

Create a service account

  1. Select a folder.

  2. Go to the Service accounts tab.

  3. Click Create service account.

  4. Enter the name of the service account.

  5. You can immediately assign the service account a role for the folder where it is created. To do this, click Add role and select a role.

    To assign a role for another resource, use the CLI or API by following the instructions Assigning roles to a service account.

  6. Click Add.

The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name or --folder-id flag.

  1. See the description of the create service account command:

    $ yc iam service-account create --help
    
  2. Create a service account named my-robot:

    $ yc iam service-account create --name my-robot
    

    The name must be unique within the folder. The name may contain lowercase Latin letters, numbers, and hyphens. The first character must be a letter. The last character can't be a hyphen. The maximum length of the name is 63 characters.

To create a service account, use the create method for the ServiceAccount resource.

Examples

Add a description when creating

Create a service account with the following name and description:

$ yc iam service-account create --name my-robot \
    --description "this is my favorite service account"
curl -X POST \
    -H 'Content-Type: application/json' \
    -H "Authorization: Bearer <IAM-TOKEN>" \
    -d '{
        "folderId": "b1gvmob95yysaplct532",
        "name": "my-robot",
        "description": "this is my favorite service account"
    }' \
    https://iam.api.cloud.yandex.net/iam/v1/serviceAccounts

What's next