Service Account Key

A Service Account Key in Google Cloud is a credential file that allows applications or services to authenticate as a service account. It contains private key information used to securely access Google Cloud resources without user interaction. These keys are typically used for server-to-server communication, automation, or workloads running outside Google Cloud. Proper management and rotation of keys are critical to maintain security.

gcp.iam_service_account_key

Fields

TitleIDTypeData TypeDescription
_keycorestring
ancestorscorearray<string>
datadog_display_namecorestring
disabledcoreboolThe key status.
key_algorithmcorestringSpecifies the algorithm (and possibly key size) for the key.
key_origincorestringThe key origin.
key_typecorestringThe key type.
labelscorearray<string>
namecorestringThe resource name of the service account key in the following format `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`.
organization_idcorestring
parentcorestring
private_key_typecorestringThe output format for the private key. Only provided in `CreateServiceAccountKey` responses, not in `GetServiceAccountKey` or `ListServiceAccountKey` responses. Google never exposes system-managed private keys, and never retains user-managed private keys.
project_idcorestring
project_numbercorestring
resource_namecorestring
tagscorehstore
valid_after_timecoretimestampThe key can be used after this timestamp.
valid_before_timecoretimestampThe key can be used before this timestamp. For system-managed key pairs, this timestamp is the end time for the private key signing operation. The public key could still be used for verification for a few hours after this time.