Skip to main content

workload_identity_pool_provider_keys

Creates, updates, deletes, gets or lists a workload_identity_pool_provider_keys resource.

Overview

Nameworkload_identity_pool_provider_keys
TypeResource
Idgoogle.iam.workload_identity_pool_provider_keys

Fields

The following fields are returned by SELECT queries:

Successful response

NameDatatypeDescription
namestringOutput only. The resource name of the key.
expireTimestring (google-datetime)Output only. Time after which the key will be permanently purged and cannot be recovered. Note that the key may get purged before this timestamp if the total limit of keys per provider is crossed.
keyDataobjectImmutable. Public half of the asymmetric key. (id: KeyData)
statestringOutput only. The state of the key.
usestringRequired. The purpose of the key.

Methods

The following methods are available for this resource:

NameAccessible byRequired ParamsOptional ParamsDescription
getselectprojectsId, locationsId, workloadIdentityPoolsId, providersId, keysIdGets an individual WorkloadIdentityPoolProviderKey.
listselectprojectsId, locationsId, workloadIdentityPoolsId, providersIdpageSize, pageToken, showDeletedLists all non-deleted WorkloadIdentityPoolProviderKeys in a project. If show_deleted is set to true, then deleted pools are also listed.
createinsertprojectsId, locationsId, workloadIdentityPoolsId, providersIdworkloadIdentityPoolProviderKeyIdCreate a new WorkloadIdentityPoolProviderKey in a WorkloadIdentityPoolProvider.
deletedeleteprojectsId, locationsId, workloadIdentityPoolsId, providersId, keysIdDeletes an WorkloadIdentityPoolProviderKey. You can undelete a key for 30 days. After 30 days, deletion is permanent.
undeleteexecprojectsId, locationsId, workloadIdentityPoolsId, providersId, keysIdUndeletes an WorkloadIdentityPoolProviderKey, as long as it was deleted fewer than 30 days ago.

Parameters

Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.

NameDatatypeDescription
keysIdstring
locationsIdstring
projectsIdstring
providersIdstring
workloadIdentityPoolsIdstring
pageSizeinteger (int32)
pageTokenstring
showDeletedboolean
workloadIdentityPoolProviderKeyIdstring

SELECT examples

Gets an individual WorkloadIdentityPoolProviderKey.

SELECT
name,
expireTime,
keyData,
state,
use
FROM google.iam.workload_identity_pool_provider_keys
WHERE projectsId = '{{ projectsId }}' -- required
AND locationsId = '{{ locationsId }}' -- required
AND workloadIdentityPoolsId = '{{ workloadIdentityPoolsId }}' -- required
AND providersId = '{{ providersId }}' -- required
AND keysId = '{{ keysId }}' -- required;

INSERT examples

Create a new WorkloadIdentityPoolProviderKey in a WorkloadIdentityPoolProvider.

INSERT INTO google.iam.workload_identity_pool_provider_keys (
data__keyData,
data__use,
projectsId,
locationsId,
workloadIdentityPoolsId,
providersId,
workloadIdentityPoolProviderKeyId
)
SELECT 
'{{ keyData }}',
'{{ use }}',
'{{ projectsId }}',
'{{ locationsId }}',
'{{ workloadIdentityPoolsId }}',
'{{ providersId }}',
'{{ workloadIdentityPoolProviderKeyId }}'
RETURNING
name,
done,
error,
metadata,
response
;

DELETE examples

Deletes an WorkloadIdentityPoolProviderKey. You can undelete a key for 30 days. After 30 days, deletion is permanent.

DELETE FROM google.iam.workload_identity_pool_provider_keys
WHERE projectsId = '{{ projectsId }}' --required
AND locationsId = '{{ locationsId }}' --required
AND workloadIdentityPoolsId = '{{ workloadIdentityPoolsId }}' --required
AND providersId = '{{ providersId }}' --required
AND keysId = '{{ keysId }}' --required;

Lifecycle Methods

Undeletes an WorkloadIdentityPoolProviderKey, as long as it was deleted fewer than 30 days ago.

EXEC google.iam.workload_identity_pool_provider_keys.undelete 
@projectsId='{{ projectsId }}' --required, 
@locationsId='{{ locationsId }}' --required, 
@workloadIdentityPoolsId='{{ workloadIdentityPoolsId }}' --required, 
@providersId='{{ providersId }}' --required, 
@keysId='{{ keysId }}' --required;