File: //snap/google-cloud-cli/396/lib/surface/iam/service_accounts/keys/upload.yaml
- release_tracks: [ALPHA, BETA, GA]
help_text:
brief: Upload a public key for an IAM service account.
description: |
Upload a public key for an IAM service account.
If the service account does not exist, this command returns a `PERMISSION_DENIED` error.
examples: |
The following command uploads a public key certificate to a service account:
{command} test_data/public_key.cert --iam-account=my-iam-account@my-project.iam.gserviceaccount.com
arguments:
resource:
help_text: The service account for which to upload a key.
spec: !REF googlecloudsdk.command_lib.iam.resources:iam_account
is_positional: false
is_parent_resource: true
params:
- arg_name: public_key_file
api_field: uploadServiceAccountKeyRequest.publicKeyData
required: true
is_positional: true
help_text: |
Path of the file containing the public key. Note that only public key data in the format of
RSA_X509_PEM is supported. See https://cloud.google.com/iot/docs/concepts/device-security#public_key_format
for more information.
processor: googlecloudsdk.command_lib.iam.hooks:GeneratePublicKeyDataFromFile
request:
collection: iam.projects.serviceAccounts.keys
modify_request_hooks:
- googlecloudsdk.command_lib.iam.hooks:EraseProjectHook
- googlecloudsdk.command_lib.iam.hooks:SetServiceAccountResource
method: upload