1- /* Copyright 2019 Google LLC
1+ /* Copyright 2022 Google LLC
22 *
33 * Licensed under the Apache License, Version 2.0 (the "License");
44 * you may not use this file except in compliance with the License.
1616package iam .snippets ;
1717
1818// [START iam_create_key]
19+
1920import com .google .api .client .googleapis .javanet .GoogleNetHttpTransport ;
2021import com .google .api .client .json .jackson2 .JacksonFactory ;
2122import com .google .api .services .iam .v1 .Iam ;
2627import com .google .auth .oauth2 .GoogleCredentials ;
2728import java .io .IOException ;
2829import java .security .GeneralSecurityException ;
30+ import java .util .Base64 ;
2931import java .util .Collections ;
3032
3133public class CreateServiceAccountKey {
3234
3335 // Creates a key for a service account.
34- public static void createKey (String projectId , String serviceAccountName ) {
36+ public static String createKey (String projectId , String serviceAccountName ) {
3537 // String projectId = "my-project-id";
3638 // String serviceAccountName = "my-service-account-name";
3739
3840 Iam service = null ;
3941 try {
4042 service = initService ();
4143 } catch (IOException | GeneralSecurityException e ) {
42- System .out .println ("Unable to initialize service: \n " + e . toString () );
43- return ;
44+ System .out .println ("Unable to initialize service: \n " + e );
45+ return null ;
4446 }
4547
4648 String serviceAccountEmail = serviceAccountName + "@" + projectId + ".iam.gserviceaccount.com" ;
@@ -55,9 +57,18 @@ public static void createKey(String projectId, String serviceAccountName) {
5557 new CreateServiceAccountKeyRequest ())
5658 .execute ();
5759
58- System .out .println ("Created key: " + key .getName ());
60+ // The privateKeyData field contains the base64-encoded service account key
61+ // in JSON format.
62+ // TODO(Developer): Save the below key (jsonKeyFile) to a secure location.
63+ // You cannot download it later.
64+ String jsonKeyFile = new String (Base64 .getDecoder ().decode (key .getPrivateKeyData ()));
65+
66+ System .out .println ("Key created successfully" );
67+ String keyName = key .getName ();
68+ return keyName .substring (keyName .lastIndexOf ("/" ) + 1 ).trim ();
5969 } catch (IOException e ) {
60- System .out .println ("Unable to create service account key: \n " + e .toString ());
70+ System .out .println ("Unable to create service account key: \n " + e );
71+ return null ;
6172 }
6273 }
6374
@@ -70,9 +81,9 @@ private static Iam initService() throws GeneralSecurityException, IOException {
7081 // Initialize the IAM service, which can be used to send requests to the IAM API.
7182 Iam service =
7283 new Iam .Builder (
73- GoogleNetHttpTransport .newTrustedTransport (),
74- JacksonFactory .getDefaultInstance (),
75- new HttpCredentialsAdapter (credential ))
84+ GoogleNetHttpTransport .newTrustedTransport (),
85+ JacksonFactory .getDefaultInstance (),
86+ new HttpCredentialsAdapter (credential ))
7687 .setApplicationName ("service-account-keys" )
7788 .build ();
7889 return service ;
0 commit comments