def testRoundTripKeyType(self): key_types = [ KEY_TYPES.TYPE_PKCS12_FILE, KEY_TYPES.TYPE_GOOGLE_CREDENTIALS_FILE, KEY_TYPES.TYPE_UNSPECIFIED ] for key_type in key_types: round_trip_key_type = iam_util.KeyTypeFromCreateKeyType( iam_util.KeyTypeToCreateKeyType(key_type)) self.assertEqual(key_type, round_trip_key_type)
def _SetUpCreateKeyExpectations(self, service_account): key_type = iam_util.KeyTypeFromString('json') self.client.projects_serviceAccounts_keys.Create.Expect( request=self.msgs.IamProjectsServiceAccountsKeysCreateRequest( name='projects/-/serviceAccounts/' + service_account, createServiceAccountKeyRequest=self.msgs. CreateServiceAccountKeyRequest( privateKeyType=iam_util.KeyTypeToCreateKeyType(key_type))), response=self.msgs.ServiceAccountKey( name=('projects/test-project/serviceAccounts/%s/keys/0' % service_account), privateKeyType=key_type, privateKeyData=b'key data goes here'))
def Run(self, args): result = self.iam_client.projects_serviceAccounts_keys.Create( self.messages.IamProjectsServiceAccountsKeysCreateRequest( name=iam_util.EmailToAccountResourceName(args.iam_account), createServiceAccountKeyRequest= self.messages.CreateServiceAccountKeyRequest( privateKeyType=iam_util.KeyTypeToCreateKeyType( iam_util.KeyTypeFromString(args.key_file_type))))) # Only the creating user has access. Set file permission to "-rw-------". self.WriteFile(args.output, result.privateKeyData, make_private=True) log.status.Print( 'created key [{0}] of type [{1}] as [{2}] for [{3}]'.format( iam_util.GetKeyIdFromResourceName(result.name), iam_util.KeyTypeToString(result.privateKeyType), args.output, args.iam_account))