NAME
    gcloud alpha services api-keys create - create an API key

SYNOPSIS
    gcloud alpha services api-keys create [--annotations=[KEY=VALUE,...]]
        [--async] [--display-name=DISPLAY_NAME] [--key-id=KEY_ID]
        [--service-account=SERVICE_ACCOUNT]
        [--api-target=service=SERVICE,[...]
          --allowed-application=[sha1_fingerprint=SHA1_FINGERPRINT,
          package_name=PACKAGE_NAME,...]
          | --allowed-bundle-ids=[ALLOWED_BUNDLE_IDS,...]
          | --allowed-ips=[ALLOWED_IPS,...]
          | --allowed-referrers=[ALLOWED_REFERRERS,...]] [GCLOUD_WIDE_FLAG ...]

DESCRIPTION
    (ALPHA) Create an API key.

EXAMPLES
    To create a key with display name and allowed IPs specified:

        $ gcloud alpha services api-keys create --display-name="test name" \
            --allowed-ips=2620:15c:2c4:203:2776:1f90:6b3b:217,104.133.8.78

    To create a key with annotations:

        $ gcloud alpha services api-keys create --annotations=foo=bar,abc=def

    To create a key with user-specified key ID:

        $ gcloud alpha services api-keys create --key-id="my-key-id"

    To create a key with allowed referrers restriction:

        $ gcloud alpha services api-keys create \
            --allowed-referrers="https://www.example.com/*,http://sub.exampl\
        e.com/*"

    To create a key with allowed IOS app bundle IDs:

        $ gcloud alpha services api-keys create --allowed-bundle-ids=my.app

    To create a key with allowed Android application:

        $ gcloud alpha services api-keys create \
            --allowed-application=sha1_fingerprint=foo1,\
        package_name=bar.foo \
            --allowed-application=sha1_fingerprint=foo2,package_name=foo.bar

    To create a key with allowed API targets (service name only):

        $ gcloud alpha services api-keys create \
            --api-target=service=bar.service.com \
            --api-target=service=foo.service.com

    To create a key with service account:

        $ gcloud alpha services api-keys create \
            --service-account=my-service-account

    To create a key with allowed API targets (service and methods are
    specified):

        $ gcloud alpha services api-keys create --flags-file=my-flags.yaml

    The content of 'my-flags.yaml' is as follows:

        - --api-target:
            service: "foo.service.com"
        - --api-target:
            service: "bar.service.com"
            methods:
              - "foomethod"
              - "barmethod"

FLAGS
     --annotations=[KEY=VALUE,...]
        Annotations are key resource. Specify annotations as a key-value
        dictionary for small amounts of arbitrary client data.

     --async
        Return immediately, without waiting for the operation in progress to
        complete.

     --display-name=DISPLAY_NAME
        Display name of the key to create.

     --key-id=KEY_ID
        User-specified ID of the key to create.

     --service-account=SERVICE_ACCOUNT
        The email of the service account the key is bound to. If this field is
        specified, the key is a service account bound key and auth enabled.

     --api-target=service=SERVICE,[...]
        Repeatable. Specify service and optionally one or multiple specific
        methods. Both fields are case insensitive. If you need to specify
        methods, it should be specified with the --flags-file. See $ gcloud
        topic flags-file for details. See the examples section for how to use
        --api-target in --flags-file.

     At most one of these can be specified:

       --allowed-application=[sha1_fingerprint=SHA1_FINGERPRINT,package_name=PACKAGE_NAME,...]
          Repeatable. Specify multiple allowed applications. The accepted keys
          are sha1_fingerprint and package_name.

       --allowed-bundle-ids=[ALLOWED_BUNDLE_IDS,...]
          iOS app's bundle ids that are allowed to use the key.

       --allowed-ips=[ALLOWED_IPS,...]
          A list of the caller IP addresses that are allowed to make API calls
          with this key.

       --allowed-referrers=[ALLOWED_REFERRERS,...]
          A list of regular expressions for the referrer URLs that are allowed
          to make API calls with this key.

GCLOUD WIDE FLAGS
    These flags are available to all commands: --access-token-file, --account,
    --billing-project, --configuration, --flags-file, --flatten, --format,
    --help, --impersonate-service-account, --log-http, --project, --quiet,
    --trace-token, --user-output-enabled, --verbosity.

    Run $ gcloud help for details.

NOTES
    This command is currently in alpha and might change without notice. If this
    command fails with API permission errors despite specifying the correct
    project, you might be trying to access an API with an invitation-only early
    access allowlist. These variants are also available:

        $ gcloud services api-keys create

        $ gcloud beta services api-keys create

