0

I'm trying to create an API to manage API Keys from inside a VM instance, so I'm looking for a programmatic and/or using Google REST APIS way to create, delete and list Google Cloud API Management Credentials, especially API KEYs.

With Google Cloud SDK you can create and API keys with the following command("gcloud alpha services api-keys" docs):

$ gcloud alpha services api-keys create --display-name="test name"

After carefully searching through the Google's Cloud documentation I haven't found a way of programmatic(example 1) nor using a cURL(example 2) to call Google API to manage API Keys.

Example 1 of creating bucket in a programmatic way:

from google.cloud import storage
def create_bucket_class_location(bucket_name):
    """Create a new bucket in specific location with storage class"""
    # bucket_name = "your-new-bucket-name"

    storage_client = storage.Client()

    bucket = storage_client.bucket(bucket_name)
    bucket.storage_class = "COLDLINE"
    new_bucket = storage_client.create_bucket(bucket, location="us")

    print(
        "Created bucket {} in {} with storage class {}".format(
            new_bucket.name, new_bucket.location, new_bucket.storage_class
        )
    )
    return new_bucket

Example 2 of creating bucket using REST APIs:

curl -X POST --data-binary @create-bucket.json \
 -H "Authorization: Bearer OAUTH2_TOKEN" \
 -H "Content-Type: application/json" \
 "https://storage.googleapis.com/storage/v1/b?project=PROJECT_ID"
Improve this question

1 Answer 1

Reset to default
2

AFAIK, API-KEYS REST documentation has not been published yet.

Disclaimer: alpha status APIs are subject to change. Your code might break in the future.

I recommend creating a new Google Cloud Project to do your testing in.

The following examples are for Windows. The concepts are the same for Linux and macOS.

We need a couple of variables setup:

# Your Project ID
set GCP_PROJECT=my-project-123456

# Google OAuth Access Token
# Fancy DOS batch stuff to fetch a token
call gcloud auth print-access-token > token
set /p GCP_TOKEN=<token
del token

Example #1: Create an API KEY:

set URL=https://apikeys.googleapis.com/v2alpha1/projects/%GCP_PROJECT%/keys?alt=json

curl -X POST %URL% ^
-H "Content-Type: application/json" ^
-H "Authorization: Bearer %GCP_TOKEN%" ^
-d "{\"displayName\": \"test key\", \"restrictions\": {}}"

Example #2 - List API KEYs:

curl https://apikeys.googleapis.com/v2alpha1/projects/%GCP_PROJECT%/keys?alt=json ^
-H "Accept: application/json" ^
-H "Authorization: Bearer %GCP_TOKEN%"

Example #3 - Delete and API KEY

Note: You will need the KEY name. Use the list example. Use the last part of the list json name key.

set URL=https://apikeys.googleapis.com/v2alpha1/projects/%GCP_PROJECT%/keys

set KEY=2be9ee20-955c-4405-ac0c-e9f8ae1a3839

curl -X DELETE %URL%/%KEY% ^
-H "Content-Type: application/json" ^
-H "Authorization: Bearer %GCP_TOKEN%"

Addition Notes:

There is a v2beta1 API. I have not tested with this version.

Example endpoint:

https://apikeys.googleapis.com/v2beta1/projects/development-219304/keys
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

I recommend you to use this API with caution. It has been in public beta 1+ year ago, and now you can access it only with this legacy gcloud CLI alpha command, and you find no reference in the documentaion on this. In relation with the PMs, no one has been able to tell me the status of this API. It could disappear a day without a warning or and announcement!
@guillaumeblaquiere - There is a beta api available. This tends to be more stable than alpha and indicates Google's intention of releasing. However, your comments are smart. Use only published apis.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.