In this article, we will go over how to set up a GCP Service account, provide access, and generate keys for the GCP service account.
A service account is a special type of Google account that is used to authenticate and be authorized to access data in Google APIs. Below are the steps to create service account in Google Cloud Platform. With the service account we will authenticate access to GCP apis, by using service account we can use client libraries to work with Google Cloud APIs.
1. Login to Google Cloud Console https://console.cloud.google.com/.
2. Navigate to IAM & Admin and click on Service Accounts.
3. Click on CREATE SERVICE ACCOUNT.
4. Enter service account details and click on CREATE AND CONTINUE.
5. In the Select a role dropdown, choose the required role.
Note: For the demo purpose Cloud Datastore Owner is selected which provides full access to "Cloud Datastore", you need to choose the managed/custom role as per your requirement based on least required privilege principle.
6. Click on CONTINUE.
7. Click on DONE.
8. Select the created service account and click on Action.
9. In the Action click on Manage Keys.
10. In the Keys section click on ADD KEY.
11. Click on Create new key.
12. Choose the Key type as JSON and click on CREATE to save the key to your computer.
Category: GCP