Difference between revisions of "Google Cloud Service account"
Jump to navigation
Jump to search
(29 intermediate revisions by 5 users not shown) | |||
Line 1: | Line 1: | ||
* https://cloud.google.com/iam/docs/service-accounts | * https://cloud.google.com/iam/docs/service-accounts | ||
− | + | Service accounts do not have [[passwords]], and cannot log in via browsers or cookies, you can create an account with <code>[[gcloud iam service-accounts create]]</code> and generate [[access keys]] with <code>[[gcloud iam service-accounts keys create]]</code> command. | |
− | |||
− | + | Create service account: | |
− | + | * <code>[[gcloud iam service-accounts create]]</code> | |
− | |||
− | |||
+ | Create login keys for service account: | ||
+ | * <code>[[gcloud iam service-accounts keys create]]</code> | ||
+ | :See: <code>[[your_key_file_name.json]]</code>, "type": "[[service_account]]" | ||
+ | |||
+ | Login into a service account using generated keys: | ||
+ | * <code>[[gcloud auth activate-service-account]] --key-file=[[your_key_file_name.json]]</code> | ||
+ | |||
+ | |||
+ | == Commands == | ||
+ | * <code>[[gcloud iam service-accounts --help]]</code> | ||
+ | * <code>[[gcloud iam service-accounts]]</code> | ||
+ | * <code>[[gcloud iam service-accounts list]]</code> | ||
+ | * <code>[[gcloud iam service-accounts describe]]</code> | ||
+ | * <code>[[gcloud iam service-accounts create]]</code> | ||
+ | * <code>[[gcloud iam service-accounts keys create]]</code> | ||
== Related == | == Related == | ||
Line 15: | Line 27: | ||
* [[Google Cloud user account]] | * [[Google Cloud user account]] | ||
* <code>[[gcloud auth list]]</code> | * <code>[[gcloud auth list]]</code> | ||
+ | * <code>[[gsutil config -e]]</code> for service account credentials. | ||
+ | * <code>[[gcloud auth activate-service-account]]</code> | ||
+ | * Service accounts are considered as users for <code>[[gsutil acl]]</code> purposes. | ||
+ | * [[Kubernetes service account]] | ||
+ | * <code>[[GOOGLE_APPLICATION_CREDENTIALS]]</code> | ||
+ | * <code>[[gsutil acl ch]]</code> | ||
+ | * <code>[[type: kubernetes.io/service-account-token]]</code> | ||
== See also == | == See also == | ||
* {{gcloud iam service-accounts}} | * {{gcloud iam service-accounts}} | ||
* {{gcloud config}} | * {{gcloud config}} | ||
+ | * {{sa}} | ||
+ | |||
[[Category:GCP]] | [[Category:GCP]] |
Latest revision as of 07:52, 9 October 2023
Service accounts do not have passwords, and cannot log in via browsers or cookies, you can create an account with gcloud iam service-accounts create
and generate access keys with gcloud iam service-accounts keys create
command.
Create service account:
Create login keys for service account:
- See:
your_key_file_name.json
, "type": "service_account"
Login into a service account using generated keys:
Commands[edit]
gcloud iam service-accounts --help
gcloud iam service-accounts
gcloud iam service-accounts list
gcloud iam service-accounts describe
gcloud iam service-accounts create
gcloud iam service-accounts keys create
Related[edit]
- Google Cloud IAM
- Google Cloud user account
gcloud auth list
gsutil config -e
for service account credentials.gcloud auth activate-service-account
- Service accounts are considered as users for
gsutil acl
purposes. - Kubernetes service account
GOOGLE_APPLICATION_CREDENTIALS
gsutil acl ch
type: kubernetes.io/service-account-token
See also[edit]
- Service accounts:
gcloud iam service-accounts [ create | get-iam-policy | list | delete | describe | keys ], gcloud auth activate-service-account
gcloud config
[set | list | get-value | configurations | --help
],~/.config/gcloud/, gcloud config set account
- Service account: Kubernetes service account, Google Cloud Service account, impersonation, google_service_account
Advertising: