gar_service_create {googleAuthR} | R Documentation |
Work with service accounts via the API
Description
These functions let you create a service JSON key from an OAuth2 login. You can then assign it roles and do a one time download of a service account key to use for authentication in other Google APIs
Usage
gar_service_create(
accountId,
projectId,
serviceName = "googleAuthR::gar_service_create",
serviceDescription = "A service account created via googleAuthR"
)
gar_service_grant_roles(
accountIds,
roles,
projectId,
type = c("serviceAccount", "user", "group")
)
gar_service_get_roles(
projectId,
accountId = NULL,
type = c("serviceAccount", "user", "group")
)
gar_service_key(
accountId,
projectId,
file = paste0(accountId, "-auth-key.json")
)
gar_service_key_list(accountId, projectId)
gar_service_list(projectId)
gar_service_get(accountId, projectId)
Arguments
accountId |
The service accountId |
projectId |
The projectId containing the service account |
serviceName |
Name of service account |
serviceDescription |
Description of service account |
accountIds |
A vector of accountIds in the form |
roles |
A character vector of roles to give the accountIds e.g. |
type |
The type of accountId to add role for - e.g. |
file |
The file to download the private JSON key to |
Details
It will download the existing roles, and append the role you add to it here.
If you supply an accountId to gar_service_get_roles
then it will return only those roles that accountId has.
Value
If it already exists, returns it via gar_service_get, else creates the service key
See Also
Combine these functions to provision emails in one step with gar_service_provision
https://cloud.google.com/resource-manager/reference/rest/v1/projects/setIamPolicy
https://cloud.google.com/resource-manager/reference/rest/v1/projects/setIamPolicy
https://cloud.google.com/iam/docs/reference/rest/v1/projects.serviceAccounts.keys/create
Other IAM functions:
gar_service_provision()
Examples
## Not run:
# all roles
projectId <- gar_set_client(
json = Sys.getenv("GAR_CLIENT_JSON"),
scopes = "https://www.googleapis.com/auth/cloud-platform")
gar_service_get_roles(projectId)
# roles for one accountId
gar_service_get_roles(
projectId,
accountId = "1080525199262@cloudbuild.gserviceaccount.com")
## End(Not run)
## Not run:
library(googleAuthR)
gar_set_client(scopes = "https://www.googleapis.com/auth/cloud-platform")
gar_auth()
gar_service_create("test12345678", "my-project")
gar_service_get("test12345678@my-project.iam.gserviceaccount.com",
projectId = "my-project")
gar_service_grant_roles("test12345678@my-project.iam.gserviceaccount.com",
role = "roles/editor",
projectId = "my-project")
gar_service_key("test12345678", "my-project", "my-auth.json")
gar_service_list("my-project")
gar_service_key_list("test12345678", "my-project")
## End(Not run)