Identity and Access Management API, gRPC: AccessKeyService
Written by
A set of methods for managing access keys.
| Call | Description |
|---|---|
| List | Retrieves the list of access keys for the specified service account. |
| Get | Returns the specified access key. |
| Create | Creates an access key for the specified service account. |
| Update | Updates the specified access key. |
| Delete | Deletes the specified access key. |
| ListOperations | Retrieves the list of operations for the specified access key. |
Calls AccessKeyService
List
Retrieves the list of access keys for the specified service account.
rpc List (ListAccessKeysRequest) returns (ListAccessKeysResponse)
ListAccessKeysRequest
| Field | Description |
|---|---|
| service_account_id | string ID of the service account to list access keys for. To get the service account ID, use a yandex.cloud.iam.v1.ServiceAccountService.List request. If not specified, it defaults to the subject that made the request. The maximum string length in characters is 50. |
| page_size | int64 The maximum number of results per page to return. If the number of available results is larger than page_size, the service returns a ListAccessKeysResponse.next_page_token that can be used to get the next page of results in subsequent list requests. Default value: 100. The maximum value is 1000. |
| page_token | string Page token. To get the next page of results, set page_token to the ListAccessKeysResponse.next_page_token returned by a previous list request. The maximum string length in characters is 2000. |
ListAccessKeysResponse
| Field | Description |
|---|---|
| access_keys[] | AccessKey List of access keys. |
| next_page_token | string This token allows you to get the next page of results for list requests. If the number of results is larger than ListAccessKeysRequest.page_size, use the next_page_token as the value for the ListAccessKeysRequest.page_token query parameter in the next list request. Each subsequent list request will have its own next_page_token to continue paging through the results. |
AccessKey
| Field | Description |
|---|---|
| id | string ID of the AccessKey resource. It is used to manage secret credentials: an access key ID and a secret access key. |
| service_account_id | string ID of the service account that the access key belongs to. |
| created_at | google.protobuf.Timestamp Creation timestamp. |
| description | string Description of the access key. 0-256 characters long. |
| key_id | string ID of the access key. The key is AWS compatible. |
Get
Returns the specified access key.
To get the list of available access keys, make a List request.
rpc Get (GetAccessKeyRequest) returns (AccessKey)
GetAccessKeyRequest
| Field | Description |
|---|---|
| access_key_id | string Required. ID of the AccessKey resource to return. To get the access key ID, use a AccessKeyService.List request. The maximum string length in characters is 50. |
AccessKey
| Field | Description |
|---|---|
| id | string ID of the AccessKey resource. It is used to manage secret credentials: an access key ID and a secret access key. |
| service_account_id | string ID of the service account that the access key belongs to. |
| created_at | google.protobuf.Timestamp Creation timestamp. |
| description | string Description of the access key. 0-256 characters long. |
| key_id | string ID of the access key. The key is AWS compatible. |
Create
Creates an access key for the specified service account.
rpc Create (CreateAccessKeyRequest) returns (CreateAccessKeyResponse)
CreateAccessKeyRequest
| Field | Description |
|---|---|
| service_account_id | string ID of the service account to create an access key for. To get the service account ID, use a yandex.cloud.iam.v1.ServiceAccountService.List request. If not specified, it defaults to the subject that made the request. The maximum string length in characters is 50. |
| description | string Description of the access key. The maximum string length in characters is 256. |
CreateAccessKeyResponse
| Field | Description |
|---|---|
| access_key | AccessKey AccessKey resource. |
| secret | string Secret access key. The key is AWS compatible. |
AccessKey
| Field | Description |
|---|---|
| id | string ID of the AccessKey resource. It is used to manage secret credentials: an access key ID and a secret access key. |
| service_account_id | string ID of the service account that the access key belongs to. |
| created_at | google.protobuf.Timestamp Creation timestamp. |
| description | string Description of the access key. 0-256 characters long. |
| key_id | string ID of the access key. The key is AWS compatible. |
Update
Updates the specified access key.
rpc Update (UpdateAccessKeyRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:UpdateAccessKeyMetadata
Operation.response:AccessKey
UpdateAccessKeyRequest
| Field | Description |
|---|---|
| access_key_id | string Required. ID of the AccessKey resource to update. To get the access key ID, use a AccessKeyService.List request. The maximum string length in characters is 50. |
| update_mask | google.protobuf.FieldMask Field mask that specifies which fields of the Accesskey resource are going to be updated. |
| description | string Description of the access key. The maximum string length in characters is 256. |
Operation
| Field | Description |
|---|---|
| id | string ID of the operation. |
| description | string Description of the operation. 0-256 characters long. |
| created_at | google.protobuf.Timestamp Creation timestamp. |
| created_by | string ID of the user or service account who initiated the operation. |
| modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
| done | bool If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available. |
| metadata | google.protobuf.Any<UpdateAccessKeyMetadata> Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
| result | oneof: error or responseThe operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set. |
| error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
| response | google.protobuf.Any<AccessKey> if operation finished successfully. |
UpdateAccessKeyMetadata
| Field | Description |
|---|---|
| access_key_id | string ID of the AccessKey resource that is being updated. |
AccessKey
| Field | Description |
|---|---|
| id | string ID of the AccessKey resource. It is used to manage secret credentials: an access key ID and a secret access key. |
| service_account_id | string ID of the service account that the access key belongs to. |
| created_at | google.protobuf.Timestamp Creation timestamp. |
| description | string Description of the access key. 0-256 characters long. |
| key_id | string ID of the access key. The key is AWS compatible. |
Delete
Deletes the specified access key.
rpc Delete (DeleteAccessKeyRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:DeleteAccessKeyMetadata
Operation.response:google.protobuf.Empty
DeleteAccessKeyRequest
| Field | Description |
|---|---|
| access_key_id | string Required. ID of the access key to delete. To get the access key ID, use a AccessKeyService.List request. The maximum string length in characters is 50. |
Operation
| Field | Description |
|---|---|
| id | string ID of the operation. |
| description | string Description of the operation. 0-256 characters long. |
| created_at | google.protobuf.Timestamp Creation timestamp. |
| created_by | string ID of the user or service account who initiated the operation. |
| modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
| done | bool If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available. |
| metadata | google.protobuf.Any<DeleteAccessKeyMetadata> Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
| result | oneof: error or responseThe operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set. |
| error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
| response | google.protobuf.Any<google.protobuf.Empty> if operation finished successfully. |
DeleteAccessKeyMetadata
| Field | Description |
|---|---|
| access_key_id | string ID of the access key that is being deleted. |
ListOperations
Retrieves the list of operations for the specified access key.
rpc ListOperations (ListAccessKeyOperationsRequest) returns (ListAccessKeyOperationsResponse)
ListAccessKeyOperationsRequest
| Field | Description |
|---|---|
| access_key_id | string Required. ID of the key to list operations for. The maximum string length in characters is 50. |
| page_size | int64 The maximum number of results per page to return. If the number of available results is larger than page_size, the service returns a ListAccessKeyOperationsResponse.next_page_token that can be used to get the next page of results in subsequent list requests. Default value: 100. Acceptable values are 0 to 1000, inclusive. |
| page_token | string Page token. To get the next page of results, set page_token to the ListAccessKeyOperationsResponse.next_page_token returned by a previous list request. The maximum string length in characters is 2000. |
ListAccessKeyOperationsResponse
| Field | Description |
|---|---|
| operations[] | operation.Operation List of operations for the specified access key. |
| next_page_token | string This token allows you to get the next page of results for list requests. If the number of results is larger than ListAccessKeyOperationsRequest.page_size, use the next_page_token as the value for the ListAccessKeyOperationsRequest.page_token query parameter in the next list request. Each subsequent list request will have its own next_page_token to continue paging through the results. |
Operation
| Field | Description |
|---|---|
| id | string ID of the operation. |
| description | string Description of the operation. 0-256 characters long. |
| created_at | google.protobuf.Timestamp Creation timestamp. |
| created_by | string ID of the user or service account who initiated the operation. |
| modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
| done | bool If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available. |
| metadata | google.protobuf.Any Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
| result | oneof: error or responseThe operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set. |
| error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
| response | google.protobuf.Any The normal response of the operation in case of success. If the original method returns no data on success, such as Delete, the response is google.protobuf.Empty. If the original method is the standard Create/Update, the response should be the target resource of the operation. Any method that returns a long-running operation should document the response type, if any. |