Patches a ServiceAccountKey
.
HTTP request
POST https://iam.googleapis.com/v1/{serviceAccountKey.name=projects/*/serviceAccounts/*/keys/*}:patch
The URL uses gRPC Transcoding syntax.
Path parameters
Parameters | |
---|---|
serviceAccountKey.name |
The resource name of the service account key in the following format |
Request body
The request body contains data with the following structure:
JSON representation |
---|
{ "serviceAccountKey": { "name": string, "privateKeyType": enum ( |
Fields | |
---|---|
serviceAccountKey.privateKeyType |
The output format for the private key. Only provided in Google never exposes system-managed private keys, and never retains user-managed private keys. |
serviceAccountKey.keyAlgorithm |
Specifies the algorithm (and possibly key size) for the key. |
serviceAccountKey.privateKeyData |
The private key data. Only provided in A base64-encoded string. |
serviceAccountKey.publicKeyData |
The public key data. Only provided in A base64-encoded string. |
serviceAccountKey.validAfterTime |
The key can be used after this timestamp. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
serviceAccountKey.validBeforeTime |
The key can be used before this timestamp. For system-managed key pairs, this timestamp is the end time for the private key signing operation. The public key could still be used for verification for a few hours after this time. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
serviceAccountKey.keyOrigin |
The key origin. |
serviceAccountKey.keyType |
The key type. |
serviceAccountKey.disabled |
The key status. |
serviceAccountKey.disableReason |
Output only. optional. If the key is disabled, it may have a DisableReason describing why it was disabled. |
serviceAccountKey.extendedStatus[] |
Output only. Extended Status provides permanent information about a service account key. For example, if this key was detected as exposed or compromised, that information will remain for the lifetime of the key in the extendedStatus. |
serviceAccountKey.contact |
Optional. A user provided email address as the point of contact for this service account key. Must be an email address. Limit 64 characters. |
serviceAccountKey.description |
Optional. A user provided description of this service account key. |
serviceAccountKey.creator |
Output only. The cloud identity that created this service account key. Populated automatically when the key is created and not editable by the user. |
updateMask |
Required. The update mask to apply to the service account key. Only the following fields are eligible for patching: - contact - description This is a comma-separated list of fully qualified names of fields. Example: |
Response body
If successful, the response body contains an instance of ServiceAccountKey
.
Authorization scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/iam
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.