service_account_key#

State module for managing ServiceAccountKeys.

async idem_gcp.states.gcp.iam.service_account_key.present(hub, ctx, name: str, resource_id: str = None, private_key_type: str = None, key_algorithm: str = None, key_origin: str = None, key_type: str = None, valid_before_time: str = None, valid_after_time: str = None, service_account_id: str = None)[source]#

Create a service account key.

Parameters:

  • name (str, Optional) – The resource name of the service account key.

  • resource_id (str, Optional) – An identifier of the resource in the provider. Defaults to None.

  • service_account_id (str, Optional) – Required on create. The account resource id used to create a service key

  • private_key_type (str, Optional) – The output format of the private key. The default value is TYPE_GOOGLE_CREDENTIALS_FILE, which is the Google Credentials File format.

  • key_algorithm (str, Optional) – Which type of key and algorithm to use for the key. The default is currently a 2K RSA key. However this may change in the future.

  • key_origin (str, Optional) – The key origin. One of “ORIGIN_UNSPECIFIED”, “USER_PROVIDED”, “GOOGLE_PROVIDED”.

  • key_type (str, Optional) – The key type. One of “KEY_TYPE_UNSPECIFIED”, “USER_MANAGED”, “SYSTEM_MANAGED”

  • valid_before_time (str, Optional) – The key can be used before this timestamp. For system-managed key pairs, this timestamp is the end time for the private key signing operation. The public key could still be used for verification for a few hours after this time.

  • valid_after_time (str, Optional) – The key can be used after this timestamp.

Returns:

Dict[str, Any]

Examples

resource_is_present:
  gcp.iam.service_account_key.present:
  - private_key_type: TYPE_PKCS12_FILE
  - key_algorithm: KEY_ALG_RSA_2048
  - service_account_id: projects/project/serviceAccounts/test@test.iam.gserviceaccount.com
async idem_gcp.states.gcp.iam.service_account_key.absent(hub, ctx, name: str, resource_id: str = None)[source]#

Deletes a service account key.

Parameters:

  • name (str) – The name of the resource

  • resource_id (str, Optional) – The resource_id of the resource

Returns:

Dict[str, Any]

Examples

resource_is_absent:
  gcp.iam.service_account_key.absent:
  - resource_id: resource-id
async idem_gcp.states.gcp.iam.service_account_key.describe(hub, ctx) Dict[str, Dict[str, Any]][source]#

Describe the resource in a way that can be recreated/managed with the corresponding “present” function.

Retrieves the list of available keys for a given service account.

Returns:

Dict[str, Any]

Examples

$ idem describe gcp.iam.service_account_key
idem_gcp.states.gcp.iam.service_account_key.is_pending(hub, ret: dict, state: str = None, **pending_kwargs) bool[source]#

Default implemented for each module.