To retrieve a list of HMAC keys for the specified service account, make a GET
request
that is scoped to a project. The authenticated user must have storage.hmacKeys.list
permission for the project in which the key exists.
For general information about HMAC keys in Cloud Storage, see HMAC Keys .
HTTP Request
GET https://storage.googleapis.com/?Action=ListAccessKeys&UserName= ServiceAccountEmail
Query string parameters
| Parameter | Description | Required |
|---|---|---|
Action
|
The HMAC key operation to be performed. | Yes |
MaxItems
|
Maximum number of keys to return in a single response. The service may
return fewer results than MaxItems
. Check for a Marker
in the result and paginate if necessary. |
No |
Marker
|
A previously-returned page token representing part of the larger set of results to view.
This is meant to be an opaque token and the format may change at any time.
Attempting to build your own instead of using one returned by a previous list
request is not supported.If you start a listing and then create a new HMAC key before using a Marker
to continue listing, you
will not see the new HMAC key in subsequent listing results if it is in part
of the HMAC key namespace already listed. |
No |
UserName
|
The email address of a service account in the project. Specifying this parameter will filter the list results to only return keys for this service account. | No |
Request headers
The following are request headers for GET HMAC Key.
| Header | Description | Required |
|---|---|---|
| The authentication string for the request. | Yes | |
| The date and time of the request. | Yes | |
| The URI for Cloud Storage. For more information, see Request Endpoints . | Yes | |
| The project to be billed for charges associated with the request. | No |
Response
If successful, this method returns a response body with the following structure:
<ListAccessKeysResponse>
<ListAccessKeysResult>
<UserName>serviceAccount@proj.iam.gserviceaccount.com</UserName>
<AccessKeyMetadata>
<member>
<UserName>serviceAccount@proj.iam.gserviceaccount.com</UserName>
<AccessKeyId>GOOG1EXAMPLE12345</AccessKeyId>
<Status>Active</Status>
<CreateDate>2019-09-03T18:53:41Z</CreateDate>
</member>
<member>
<UserName>serviceAccount@proj.iam.gserviceaccount.com</UserName>
<AccessKeyId>GOOG1EXAMPLE54321</AccessKeyId>
<Status>Inactive</Status>
<CreateDate>2019-03-25T20:38:14Z</CreateDate>
</member>
</AccessKeyMetadata>
<IsTruncated>true</IsTruncated>
<Marker>AERPALERN/NEXT/TOKEN</Marker>
</ListAccessKeysResult>
</ListAccessKeysResponse>
Parameter name
Value
Description
UserName
string
The email address of the service account.
AccessKeyId
string
The access key ID for this HMAC key.
Status
string
The status of this HMAC key. Valid values are:
-
Active: This key can be used to sign requests. -
Inactive: Requests signed with this key will be denied. -
Deleted: Requests signed with this key will be denied.
IsTruncated
boolean
true
if there are additional pages of keys. false
otherwise. The presence of this parameter in the
response should always be checked to ensure a complete listing of all
the results.Marker
string
The continuation token,
used to page through large result sets. Only included in the response
if
IsTruncated
is true
. Provide this value in
subsequent list
requests until IsTruncated
is false
. Note that the next page may be empty.