google.auth.iam module

Tools for using the Google Cloud Identity and Access Management (IAM) API’s auth-related functionality.

class Signer(request, credentials, service_account_email)[source]

Bases: Signer

Signs messages using the IAM signBlob API.

This is useful when you need to sign bytes but do not have access to the credential’s private key file.

Parameters:
property key_id

The key ID used to identify this private key.

Warning

This is always None. The key ID used by IAM can not be reliably determined ahead of time.

Type:

Optional [ str ]

sign(message)[source]

Signs a message.

Parameters:

message (Union [ str, bytes ]) – The message to be signed.

Returns:

The signature of the message.

Return type:

bytes