Assigned
Status Update
No update yet.
Comments
ba...@google.com
al...@google.com
Hello,
Thank you for reaching out. I'm going to create an internal feature request. Please keep in mind that this feature request has to be analyzed and considered by the product team and I can't provide you ETA for it to be delivered. However, you can keep track of the status by following this thread.
Description
Hi, I am currently doing a Service Account Key Rotation Automation, however due to the amount of the projects we have and amount of Service Accounts under our management, it takes alot of time to process each service account despite filtering and optimizing. We are limited to the gcloud command in the documentation above.
gcloud iam service-accounts keys list, requires a "Service account" but this makes it harder to optimize since it would still loop on all the service accounts that doesnt have a key.
What I want to accomplish is to optimize the checking of keys. With that in mind, instead of a service account to be required, I would suggest having the project to be required.
It would list all the keys under the projects. The list includes the same items as well.
This will improve the automation tremendously as it would skip the checking of no-keys service accounts and check only for the service accounts that has keys.