GCPServiceAccount
Global Operations
Resource path:
/global-config/services/GoogleCloudServiceAccountService/serviceAccounts
Resource version: 1.0
create
Usage
am> create GCPServiceAccount --global --id id --body body
Parameters
- --id
-
The unique identifier for the resource.
- --body
-
The resource in JSON format, described by the following JSON schema:
{ "type" : "object", "properties" : { "allowedSecretNamePatterns" : { "title" : "Allowed Secret Names", "description" : "A list of patterns of Google Secret Manager secret names that are allowed to be usedwith this service account. Patterns can include the wildcard \"*\".", "propertyOrder" : 300, "required" : true, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "allowedRealms" : { "title" : "Allowed Realms", "description" : "A list of realms that are allowed to use this service account. Realms should be specified in path form, such as <code>/subrealm/subsubrealm</code>.", "propertyOrder" : 200, "required" : true, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "disallowedSecretNamePatterns" : { "title" : "Disallowed Secret Names", "description" : "A list of patterns of Google Secret Manager secret names that are <em>not</em> allowed to be used with this service account. Patterns can include the wildcard \"*\".", "propertyOrder" : 400, "required" : true, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "credentialsSecretId" : { "title" : "Credentials Secret Label", "description" : "The label of the secret that contains the GCP service account credentials. Leave blank to use the default credentials from the environment. Credentials can be loaded from disk using a FileSystem Secret Store.", "propertyOrder" : 100, "required" : false, "type" : "string", "exampleValue" : "" } } }
delete
Usage
am> delete GCPServiceAccount --global --id id
Parameters
- --id
-
The unique identifier for the resource.
getAllTypes
Obtain the collection of all secondary configuration types related to the resource.
Usage
am> action GCPServiceAccount --global --actionName getAllTypes
getCreatableTypes
Obtain the collection of secondary configuration types that have yet to be added to the resource.
Usage
am> action GCPServiceAccount --global --actionName getCreatableTypes
nextdescendents
Obtain the collection of secondary configuration instances that have been added to the resource.
Usage
am> action GCPServiceAccount --global --actionName nextdescendents
query
Get the full list of instances of this collection. This query only supports _queryFilter=true
filter.
Usage
am> query GCPServiceAccount --global --filter filter
Parameters
- --filter
-
A CREST formatted query filter, where "true" will query all.
read
Usage
am> read GCPServiceAccount --global --id id
Parameters
- --id
-
The unique identifier for the resource.
update
Usage
am> update GCPServiceAccount --global --id id --body body
Parameters
- --id
-
The unique identifier for the resource.
- --body
-
The resource in JSON format, described by the following JSON schema:
{ "type" : "object", "properties" : { "allowedSecretNamePatterns" : { "title" : "Allowed Secret Names", "description" : "A list of patterns of Google Secret Manager secret names that are allowed to be usedwith this service account. Patterns can include the wildcard \"*\".", "propertyOrder" : 300, "required" : true, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "allowedRealms" : { "title" : "Allowed Realms", "description" : "A list of realms that are allowed to use this service account. Realms should be specified in path form, such as <code>/subrealm/subsubrealm</code>.", "propertyOrder" : 200, "required" : true, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "disallowedSecretNamePatterns" : { "title" : "Disallowed Secret Names", "description" : "A list of patterns of Google Secret Manager secret names that are <em>not</em> allowed to be used with this service account. Patterns can include the wildcard \"*\".", "propertyOrder" : 400, "required" : true, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "credentialsSecretId" : { "title" : "Credentials Secret Label", "description" : "The label of the secret that contains the GCP service account credentials. Leave blank to use the default credentials from the environment. Credentials can be loaded from disk using a FileSystem Secret Store.", "propertyOrder" : 100, "required" : false, "type" : "string", "exampleValue" : "" } } }