To create a new HMAC key for the specified service account, make a POST request
that is scoped to a project. The authenticated user must have
storage.hmacKeys.create permission for the project in which the key will be created.
For general information about HMAC keys in Cloud Storage, see HMAC Keys.
HTTP Request
POST https://storage.googleapis.com/?Action=CreateAccessKey&UserName=ServiceAccountEmail
Query string parameters
| Parameter | Description | Required |
|---|---|---|
Action |
The HMAC key operation to be performed. | Yes |
UserName |
The email address of the service account. | Yes |
Request headers
Use the common request headers.
Response
If successful, this method returns a response body with the following structure:
<CreateAccessKeyResponse>
<CreateAccessKeyResult>
<AccessKey>
<UserName>serviceAccount@proj.iam.gserviceaccount.com</UserName>
<AccessKeyId>GOOG1EXAMPLEAEU</AccessKeyId>
<Status>Active</Status>
<SecretAccessKey>EXAMPLE/KEY/aserafd</SecretAccessKey>
</AccessKey>
</CreateAccessKeyResult>
</CreateAccessKeyResponse>
| Parameter name | Value | Description |
|---|---|---|
UserName |
string |
The email address of the service account. |
AccessKeyId |
string |
The access key ID for this HMAC key. |
Status |
string |
The status of this HMAC key. Valid values are:
|
SecretAccessKey |
string |
A 40 character Base-64 encoded string that is used to sign requests
as part of the authentication process. This secret is only ever returned
in the create request.
|