happymatei

Reputation: 213

Google cloud automatically delete the last service account key created

As part of an automation, I am trying to create a temporary access key for the service account, do changes and then delete this last used key.

Where I am stuck is listing and doing something with this result:

gcloud iam service-accounts keys list [email protected] --format=json

This command will list randomly all the available keys for this service account and I haven't found a good formatting to help me.

Tried using the date value (year-month-day) with and without a wildcard *, but it doesn't recognise it.

> gcloud iam service-accounts keys list [email protected] \
>   --format="value(validAfterTime[2021-07-11])"

Logically I would probably want to compare the values inside validAfterTime for each of the keys and then get the highest one, but I do not know how to do that programmatically in shell. In Python I would compare the values and get the name of the one with the biggest value.

What would be a good simple way to get the last one created so I can delete it?

EDIT

Ok, so it was simpler than I thought. What I needed to do is to also add the flag sort-by and there I will put the same validAfterTime.

> gcloud iam service-accounts keys list [email protected] \
>   --format="value(validAfterTime[2021-07-11])" --sort-by=validAfterTime | tail -1 | awk -F/ '{print $6}'

Sort by will sort in ascending order the values, tail -1 will give me the last result, print 6 will give me the 6th element using / as a delimiter.

Thank you

Upvotes: 0

Views: 722

Answers (1)

Armando Cuevas

Reputation: 889

The command you should be using looks like this:

gcloud iam service-accounts keys list [email protected] \
  --format=json --sort-by=~validAfterTime --limit=1

Based on the Google Cloud SDK reference, --sort-by does the following:

Comma-separated list of resource field key names to sort by. The default order is ascending. Prefix a field with "~" for descending order on that field.

So you can use sort-by to get the last entry on the SA Keys based on validAfterTime field. And you can use --limit to limit the number of entries you will get.

Upvotes: 1
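
For the automation described in the question, the ID of the key that was just created can be read from the key file itself, so the cleanup deletes exactly that key instead of whichever one is newest when the list command runs. The sketch below is an added example, not code from the asker or the answerer; the function names, the temp-directory layout and the sample listing are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the question or the answer). Assumptions: the
# function names, the temp-dir layout and every sample value are constructed.

# Read the key ID out of the JSON key file that `keys create` writes.
key_id_from_file() {
  sed -n 's/.*"private_key_id"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' "$1" | head -n 1
}

# Fallback when the key file is gone: newest key ID from `name<TAB>validAfterTime`
# lines on stdin. RFC 3339 UTC timestamps sort correctly as plain strings.
# Feed it: gcloud iam service-accounts keys list --iam-account="$sa" \
#            --managed-by=user --format="value(name,validAfterTime)"
# (--managed-by=user keeps Google-managed keys out of the comparison.)
newest_key_id() {
  LC_ALL=C sort -t "$(printf '\t')" -k2,2 | tail -n 1 | cut -f1 | awk -F/ '{print $NF}'
}

# Usage: with_temp_key SA_EMAIL command [args...]
# Creates a key, runs the command with it, then deletes exactly that key.
with_temp_key() (
  sa_email=$1; shift
  dir=$(mktemp -d) || exit 1
  key_file=$dir/key.json
  gcloud iam service-accounts keys create "$key_file" \
    --iam-account="$sa_email" || { rm -rf "$dir"; exit 1; }
  key_id=$(key_id_from_file "$key_file")
  # Runs however the command exits: remove the cloud-side key and local copy.
  trap 'gcloud iam service-accounts keys delete "$key_id" \
          --iam-account="$sa_email" --quiet; rm -rf "$dir"' EXIT
  GOOGLE_APPLICATION_CREDENTIALS=$key_file "$@"
)

# Constructed sample of the list output, deliberately out of order.
sample_listing() {
  printf '%s\t%s\n' \
    'projects/p/serviceAccounts/sa@example.invalid/keys/bbb' '2021-07-11T09:00:00Z' \
    'projects/p/serviceAccounts/sa@example.invalid/keys/ccc' '2021-07-12T08:30:00Z' \
    'projects/p/serviceAccounts/sa@example.invalid/keys/aaa' '2021-06-01T00:00:00Z'
}
sample_listing | newest_key_id   # prints: ccc
```

Because the body of with_temp_key runs in a subshell with an EXIT trap, the key is removed from the service account even when the wrapped command fails, which keeps long-lived credentials from piling up after a broken run.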
