gcloud beta iam workforce-pools providers keys create

NAME
gcloud beta iam workforce-pools providers keys create - create a new workforce pool provider key
SYNOPSIS
gcloud beta iam workforce-pools providers keys create(KEY :--location=LOCATION--provider=PROVIDER--workforce-pool=WORKFORCE_POOL)--spec=SPEC--use=USE[--async][GCLOUD_WIDE_FLAG]
DESCRIPTION
(BETA) Create a new workforce pool provider key.
EXAMPLES
The following command creates a workforce pool provider key with the IDmy-key. Explicit values for all requiredand optional parameters are provided.
gcloudbetaiamworkforce-poolsproviderskeyscreatemy-key--location="global"--workforce-pool="my-workforce-pool"--provider="my-provider"--use="ENCRYPTION"--spec="RSA_4096"
POSITIONAL ARGUMENTS
Workforce pool provider key resource - The workforce pool provider key tocreate. The arguments in this group can be used to specify the attributes ofthis resource.

This must be specified.

KEY
ID of the workforce pool provider key or fully qualified identifier for theworkforce pool provider key.

To set thekey attribute:

  • provide the argumentkey on the command line.

This positional argument must be specified if any of the other arguments in thisgroup are specified.

--location=LOCATION
The location for the workforce pool.

To set thelocation attribute:

  • provide the argumentkey on the command line with a fully specifiedname;
  • provide the argument--location on the command line.
--provider=PROVIDER
The ID to use for the workforce pool provider, which becomes the final componentof the resource name. This value must be unique within the workforce pool, 4-32characters in length, and may contain the characters [a-z0-9-]. The prefixgcp- is reserved for use by Google, and may not be specified.To set theprovider attribute:
  • provide the argumentkey on the command line with a fully specifiedname;
  • provide the argument--provider on the command line.
--workforce-pool=WORKFORCE_POOL
The ID to use for the workforce pool, which becomes the final component of theresource name. This value must be a globally unique string of 6 to 63 lowercaseletters, digits, or hyphens. It must start with a letter, and cannot have atrailing hyphen. The prefixgcp- is reserved for use by Google, andmay not be specified.To set theworkforce-pool attribute:
  • provide the argumentkey on the command line with a fully specifiedname;
  • provide the argument--workforce-pool on the command line.
REQUIRED FLAGS
--spec=SPEC
The specifications for the key.SPEC must be one of:key-spec-unspecified,rsa-2048,rsa-3072,rsa-4096.
--use=USE
The purpose of the key.USE must be one of:encryption,key-use-unspecified,signing.
OPTIONAL FLAGS
--async
Return immediately, without waiting for the operation in progress to complete.
GCLOUD WIDE FLAGS
These flags are available to all commands:--access-token-file,--account,--billing-project,--configuration,--flags-file,--flatten,--format,--help,--impersonate-service-account,--log-http,--project,--quiet,--trace-token,--user-output-enabled,--verbosity.

Run$gcloud help for details.

API REFERENCE
This command uses theiam/v1 API. The full documentation for thisAPI can be found at:https://cloud.google.com/iam/
NOTES
This command is currently in beta and might change without notice. Thesevariants are also available:
gcloudiamworkforce-poolsproviderskeyscreate
gcloudalphaiamworkforce-poolsproviderskeyscreate

Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-11-04 UTC.