Creating a service account

Create a service account to manage resources under a different account.

Create a service account

  1. Log in to the management console.

  2. Click the line with the name of the folder where you want to create a service account.

  3. Go to the Service accounts tab.

  4. Click Create service account.

  5. Enter the name of the service account.

  6. To assign the service account a role for the current folder, click Add role and select a role, for example, editor.

    To assign a role for another resource, use the CLI or API following the instructions Assigning roles to a service account.

  7. Click Create.

The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name or --folder-id parameter.

  1. See the description of the create service account command:

    $ yc iam service-account create --help
    
  2. Create a service account named my-robot:

    $ yc iam service-account create --name my-robot
    

    The name must be unique within the folder. The name may contain lowercase Latin letters, numbers, and hyphens. The first character must be a letter. The last character can't be a hyphen. The maximum length of the name is 63 characters.

To create a service account, use the create method for the ServiceAccount resource.

Examples

Add a description when creating

Create a service account with the following name and description:

$ yc iam service-account create --name my-robot \
    --description "this is my favorite service account"
curl -X POST \
    -H 'Content-Type: application/json' \
    -H "Authorization: Bearer <IAM-TOKEN>" \
    -d '{
        "folderId": "b1gvmob95yysaplct532",
        "name": "my-robot",
        "description": "this is my favorite service account"
    }' \
    https://iam.api.cloud.yandex.net/iam/v1/serviceAccounts

What's next