Crea una chiave HMAC dell'account di servizio

Crea una chiave HMAC dell'account di servizio.

Per saperne di più

Per la documentazione dettagliata che include questo esempio di codice, consulta quanto segue:

Esempio di codice

Per ulteriori informazioni, consulta la documentazione di riferimento dell'API Cloud Storage C++.

Per autenticarti a Cloud Storage, configura le credenziali predefinite dell'applicazione. Per saperne di più, consulta Configurare l'autenticazione per le librerie client.

namespace gcs = ::google::cloud::storage;
using ::google::cloud::StatusOr;
return [](gcs::Client client, std::string const& service_account_email) {
  StatusOr<std::pair<gcs::HmacKeyMetadata, std::string>> key_info =
  if (!key_info) throw std::move(key_info).status();

  std::cout << "The base64 encoded secret is: " << key_info->second
            << "\nDo not miss that secret, there is no API to recover it."
            << "\nThe HMAC key metadata is: " << key_info->first << "\n";
  return key_info->first.access_id();

Per ulteriori informazioni, consulta la documentazione di riferimento dell'API Cloud Storage C#.

Per autenticarti a Cloud Storage, configura le credenziali predefinite dell'applicazione. Per saperne di più, consulta Configurare l'autenticazione per le librerie client.

using Google.Apis.Storage.v1.Data;
using Google.Cloud.Storage.V1;
using System;

public class CreateHmacKeySample
    public HmacKey CreateHmacKey(
        string projectId = "your-project-id",
        string serviceAccountEmail = "")
        var storage = StorageClient.Create();
        var key = storage.CreateHmacKey(projectId, serviceAccountEmail);

        var secret = key.Secret;
        var metadata = key.Metadata;

        Console.WriteLine($"The Base64 encoded secret is: {secret}");
        Console.WriteLine("Make sure to save that secret, there's no API to recover it.");
        Console.WriteLine("The HMAC key metadata is:");
        Console.WriteLine($"ID: {metadata.Id}");
        Console.WriteLine($"Access ID: {metadata.AccessId}");
        Console.WriteLine($"Project ID: {metadata.ProjectId}");
        Console.WriteLine($"Service Account Email: {metadata.ServiceAccountEmail}");
        Console.WriteLine($"State: {metadata.State}");
        Console.WriteLine($"Time Created: {metadata.TimeCreated}");
        Console.WriteLine($"Time Updated: {metadata.Updated}");
        Console.WriteLine($"ETag: {metadata.ETag}");
        return key;

Per ulteriori informazioni, consulta la documentazione di riferimento dell'API Cloud Storage Go.

Per autenticarti a Cloud Storage, configura le credenziali predefinite dell'applicazione. Per saperne di più, consulta Configurare l'autenticazione per le librerie client.

import (


// createHMACKey creates a new HMAC key using the given project and service account.
func createHMACKey(w io.Writer, projectID string, serviceAccountEmail string) (*storage.HMACKey, error) {
	ctx := context.Background()

	// Initialize client.
	client, err := storage.NewClient(ctx)
	if err != nil {
		return nil, fmt.Errorf("storage.NewClient: %w", err)
	defer client.Close() // Closing the client safely cleans up background resources.

	ctx, cancel := context.WithTimeout(ctx, time.Minute)
	defer cancel()
	key, err := client.CreateHMACKey(ctx, projectID, serviceAccountEmail)
	if err != nil {
		return nil, fmt.Errorf("CreateHMACKey: %w", err)

	fmt.Fprintf(w, "%s\n", key)
	fmt.Fprintf(w, "The base64 encoded secret is %s\n", key.Secret)
	fmt.Fprintln(w, "Do not miss that secret, there is no API to recover it.")
	fmt.Fprintln(w, "The HMAC key metadata is")
	fmt.Fprintf(w, "%+v", key)

	return key, nil

Per ulteriori informazioni, consulta la documentazione di riferimento dell'API Cloud Storage Java.

Per autenticarti a Cloud Storage, configura le credenziali predefinite dell'applicazione. Per saperne di più, consulta Configurare l'autenticazione per le librerie client.

import java.util.Date;

public class CreateHmacKey {
  public static void createHmacKey(String serviceAccountEmail, String projectId)
      throws StorageException {

    // The service account email for which the new HMAC key will be created.
    // String serviceAccountEmail = "";

    // The ID of the project to which the service account belongs.
    // String projectId = "project-id";

    Storage storage = StorageOptions.newBuilder().setProjectId(projectId).build().getService();

    ServiceAccount account = ServiceAccount.of(serviceAccountEmail);
    HmacKey hmacKey =
        storage.createHmacKey(account, Storage.CreateHmacKeyOption.projectId(projectId));

    String secret = hmacKey.getSecretKey();
    HmacKey.HmacKeyMetadata metadata = hmacKey.getMetadata();

    System.out.println("The Base64 encoded secret is: " + secret);
    System.out.println("Do not lose that secret, there is no API to recover it.");
    System.out.println("The HMAC key metadata is:");
    System.out.println("ID: " + metadata.getId());
    System.out.println("Access ID: " + metadata.getAccessId());
    System.out.println("Project ID: " + metadata.getProjectId());
    System.out.println("Service Account Email: " + metadata.getServiceAccount().getEmail());
    System.out.println("State: " + metadata.getState().toString());
    System.out.println("Time Created: " + new Date(metadata.getCreateTime()).toString());
    System.out.println("Time Updated: " + new Date(metadata.getUpdateTime()).toString());
    System.out.println("ETag: " + metadata.getEtag());

Per ulteriori informazioni, consulta la documentazione di riferimento dell'API Cloud Storage Node.js.

Per autenticarti a Cloud Storage, configura le credenziali predefinite dell'applicazione. Per saperne di più, consulta Configurare l'autenticazione per le librerie client.

 * TODO(developer): Uncomment the following lines before running the sample.
// The service account email for which the new HMAC key will be created
// const serviceAccountEmail = '';

// The ID of the project to which the service account belongs
// const projectId = 'project-id';

// Imports the Google Cloud client library
const {Storage} = require('@google-cloud/storage');

// Creates a client
const storage = new Storage();

// Create HMAC SA Key
async function createHmacKey() {
  const [hmacKey, secret] = await storage.createHmacKey(serviceAccountEmail, {

  console.log(`The base64 encoded secret is: ${secret}`);
  console.log('Do not miss that secret, there is no API to recover it.');
  console.log('The HMAC key metadata is:');
  for (const [key, value] of Object.entries(hmacKey.metadata)) {
    console.log(`${key}: ${value}`);

Per ulteriori informazioni, consulta la documentazione di riferimento dell'API Cloud Storage PHP.

Per autenticarti a Cloud Storage, configura le credenziali predefinite dell'applicazione. Per saperne di più, consulta Configurare l'autenticazione per le librerie client.

use Google\Cloud\Storage\StorageClient;

 * Create a new HMAC key.
 * @param string $projectId The ID of your Google Cloud Platform project.
 *        (e.g. 'my-project-id')
 * @param string $serviceAccountEmail Service account email to associate with the new HMAC key.
 *        (e.g. '')
function create_hmac_key(string $projectId, string $serviceAccountEmail): void
    $storage = new StorageClient();
    // By default createHmacKey will use the projectId used by StorageClient().
    $hmacKeyCreated = $storage->createHmacKey($serviceAccountEmail, ['projectId' => $projectId]);

    printf('The base64 encoded secret is: %s' . PHP_EOL, $hmacKeyCreated->secret());
    print('Do not miss that secret, there is no API to recover it.' . PHP_EOL);
    printf('HMAC key Metadata: %s' . PHP_EOL, print_r($hmacKeyCreated->hmacKey()->info(), true));

Per ulteriori informazioni, consulta la documentazione di riferimento dell'API Cloud Storage Python.

Per autenticarti a Cloud Storage, configura le credenziali predefinite dell'applicazione. Per saperne di più, consulta Configurare l'autenticazione per le librerie client.

from import storage

def create_key(project_id, service_account_email):
    Create a new HMAC key using the given project and service account.
    # project_id = 'Your Google Cloud project ID'
    # service_account_email = 'Service account used to generate the HMAC key'

    storage_client = storage.Client(project=project_id)

    hmac_key, secret = storage_client.create_hmac_key(
        service_account_email=service_account_email, project_id=project_id

    print(f"The base64 encoded secret is {secret}")
    print("Do not miss that secret, there is no API to recover it.")
    print("The HMAC key metadata is:")
    print(f"Service Account Email: {hmac_key.service_account_email}")
    print(f"Key ID: {}")
    print(f"Access ID: {hmac_key.access_id}")
    print(f"Project ID: {hmac_key.project}")
    print(f"State: {hmac_key.state}")
    print(f"Created At: {hmac_key.time_created}")
    print(f"Updated At: {hmac_key.updated}")
    print(f"Etag: {hmac_key.etag}")
    return hmac_key

Per ulteriori informazioni, consulta la documentazione di riferimento dell'API Cloud Storage Ruby.

Per autenticarti a Cloud Storage, configura le credenziali predefinite dell'applicazione. Per saperne di più, consulta Configurare l'autenticazione per le librerie client.

def create_hmac_key service_account_email:
  # The service account email used to generate an HMAC key
  # service_account_email = ""

  require "google/cloud/storage"

  storage =

  # By default Storage#create_hmac_key uses the Storage client project_id
  hmac_key = storage.create_hmac_key service_account_email

  puts "The base64 encoded secret is: #{hmac_key.secret}"
  puts "Do not miss that secret, there is no API to recover it."
  puts "\nThe HMAC key metadata is:"
  puts "Key ID:                #{}"
  puts "Service Account Email: #{hmac_key.service_account_email}"
  puts "Access ID:             #{hmac_key.access_id}"
  puts "Project ID:            #{hmac_key.project_id}"
  puts "Active:                #{}"
  puts "Created At:            #{hmac_key.created_at}"
  puts "Updated At:            #{hmac_key.updated_at}"
  puts "Etag:                  #{hmac_key.etag}"

Passaggi successivi

Per cercare e filtrare i sample di codice per altri Google Cloud prodotti, consulta il Google Cloud browser di sample.