diff --git a/google/resource_google_service_account_key.go b/google/resource_google_service_account_key.go
index c723f186..75dfe23d 100644
--- a/google/resource_google_service_account_key.go
+++ b/google/resource_google_service_account_key.go
@@ -2,6 +2,7 @@ package google
 
 import (
 	"fmt"
+	"strings"
 
 	"github.com/hashicorp/terraform/helper/encryption"
 	"github.com/hashicorp/terraform/helper/schema"
@@ -17,10 +18,9 @@ func resourceGoogleServiceAccountKey() *schema.Resource {
 		Schema: map[string]*schema.Schema{
 			// Required
 			"service_account_id": &schema.Schema{
-				Type:         schema.TypeString,
-				Required:     true,
-				ForceNew:     true,
-				ValidateFunc: validateRegexp(ServiceAccountLinkRegex),
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
 			},
 			// Optional
 			"key_algorithm": &schema.Schema{
@@ -89,6 +89,9 @@ func resourceGoogleServiceAccountKeyCreate(d *schema.ResourceData, meta interfac
 	config := meta.(*Config)
 
 	serviceAccount := d.Get("service_account_id").(string)
+	if !strings.HasPrefix(serviceAccount, "projects/") {
+		serviceAccount = "projects/-/serviceAccounts/" + serviceAccount
+	}
 
 	r := &iam.CreateServiceAccountKeyRequest{
 		KeyAlgorithm:   d.Get("key_algorithm").(string),
diff --git a/google/resource_google_service_account_key_test.go b/google/resource_google_service_account_key_test.go
index 2817511e..66d1c77b 100644
--- a/google/resource_google_service_account_key_test.go
+++ b/google/resource_google_service_account_key_test.go
@@ -34,6 +34,30 @@ func TestAccServiceAccountKey_basic(t *testing.T) {
 	})
 }
 
+func TestAccServiceAccountKey_fromEmail(t *testing.T) {
+	t.Parallel()
+
+	resourceName := "google_service_account_key.acceptance"
+	accountID := "a" + acctest.RandString(10)
+	displayName := "Terraform Test"
+	resource.Test(t, resource.TestCase{
+		PreCheck:  func() { testAccPreCheck(t) },
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccServiceAccountKey_fromEmail(accountID, displayName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckGoogleServiceAccountKeyExists(resourceName),
+					resource.TestCheckResourceAttrSet(resourceName, "public_key"),
+					resource.TestCheckResourceAttrSet(resourceName, "valid_after"),
+					resource.TestCheckResourceAttrSet(resourceName, "valid_before"),
+					resource.TestCheckResourceAttrSet(resourceName, "private_key"),
+				),
+			},
+		},
+	})
+}
+
 func TestAccServiceAccountKey_pgp(t *testing.T) {
 	t.Parallel()
 	resourceName := "google_service_account_key.acceptance"
@@ -86,7 +110,21 @@ resource "google_service_account" "acceptance" {
 }
 
 resource "google_service_account_key" "acceptance" {
-	service_account_id = "${google_service_account.acceptance.id}"
+	service_account_id = "${google_service_account.acceptance.name}"
+	public_key_type = "TYPE_X509_PEM_FILE"
+}
+`, account, name)
+}
+
+func testAccServiceAccountKey_fromEmail(account, name string) string {
+	return fmt.Sprintf(`
+resource "google_service_account" "acceptance" {
+	account_id = "%s"
+	display_name = "%s"
+}
+
+resource "google_service_account_key" "acceptance" {
+	service_account_id = "${google_service_account.acceptance.email}"
 	public_key_type = "TYPE_X509_PEM_FILE"
 }
 `, account, name)
@@ -100,7 +138,7 @@ resource "google_service_account" "acceptance" {
 }
 
 resource "google_service_account_key" "acceptance" {
-	service_account_id = "${google_service_account.acceptance.id}"
+	service_account_id = "${google_service_account.acceptance.name}"
 	public_key_type = "TYPE_X509_PEM_FILE"
 	pgp_key = <<EOF
 %s
diff --git a/website/docs/r/google_service_account_key.html.markdown b/website/docs/r/google_service_account_key.html.markdown
index 1c042541..a08b667f 100644
--- a/website/docs/r/google_service_account_key.html.markdown
+++ b/website/docs/r/google_service_account_key.html.markdown
@@ -20,7 +20,7 @@ resource "google_service_account" "acceptance" {
 }
 
 resource "google_service_account_key" "acceptance" {
-  service_account_id = "${google_service_account.acceptance.id}"
+  service_account_id = "${google_service_account.acceptance.name}"
   public_key_type = "TYPE_X509_PEM_FILE"
 }
 ```
@@ -33,7 +33,7 @@ resource "google_service_account" "myaccount" {
   display_name = "My Service Account"
 }
 resource "google_service_account_key" "mykey" {
-  service_account_id = "${google_service_account.myaccount.id}"
+  service_account_id = "${google_service_account.myaccount.name}"
 }
 resource "kubernetes_secret" "google-application-credentials" {
   metadata {
@@ -54,7 +54,7 @@ resource "google_service_account" "acceptance" {
 }
 
 resource "google_service_account_key" "acceptance" {
-  service_account_id = "${google_service_account.acceptance.id}"
+  service_account_id = "${google_service_account.acceptance.name}"
   pgp_key = "keybase:keybaseusername"
   public_key_type = "TYPE_X509_PEM_FILE"
 }
@@ -64,7 +64,9 @@ resource "google_service_account_key" "acceptance" {
 
 The following arguments are supported:
 
-* `service_account_id` - (Required) The Service account id of the Key Pair.
+* `service_account_id` - (Required) The Service account id of the Key Pair. This can be a string in the format
+`{ACCOUNT}` or `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`, where `{ACCOUNT}` is the email address or
+unique id of the service account. If the `{ACCOUNT}` syntax is used, the project will be inferred from the account.
 
 * `key_algorithm` - (Optional) The algorithm used to generate the key. KEY_ALG_RSA_2048 is the default algorithm.
 Valid values are listed at