Get started
Yandex Identity and Access Management

Creating a service account

Create a service account to manage resources under a different account.

Create a service account

  1. Log in to the management console.

  2. Click the line with the name of the folder where you want to create a service account.

  3. Go to the Service accounts tab.

  4. Click Create service account.

  5. Enter the name of the service account.

  6. To assign the service account a role for the current folder, click Add role and select a role, for example, editor.

    To assign a role for another resource, use the CLI or API following the instructions Assigning roles to a service account.

  7. Click Create.

The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name or --folder-id parameter.

  1. See the description of the create service account command:

    $ yc iam service-account create --help

  2. Create a service account named my-robot:

    $ yc iam service-account create --name my-robot
    • Length — from 3 to 63 characters.
    • The name may contain lowercase Latin letters, numbers, and hyphens.
    • The first character must be a letter. The last character can't be a hyphen.

To create a service account, use the create method for the ServiceAccount resource.

Examples

Add a description when creating

Create a service account with the following name and description:

$ yc iam service-account create --name my-robot \
    --description "this is my favorite service account"

curl -X POST \
    -H 'Content-Type: application/json' \
    -H "Authorization: Bearer <IAM-TOKEN>" \
    -d '{
        "folderId": "b1gvmob95yysaplct532",
        "name": "my-robot",
        "description": "this is my favorite service account"
    }' \
    https://iam.api.cloud.yandex.net/iam/v1/serviceAccounts

What's next

In this article: