Google Cloud Identity and Access Management Operations
Jump to navigation
Jump to search
Internal
Overview
Service Account Operations
See:
Create Service Account
Via console: https://cloud.google.com/docs/authentication/getting-started#creating_a_service_account.
In command line:
gcloud iam service-accounts create test-sa
Give Service Account Permissions on a Project
A service account (as member) can be given permissions to a project (a resource, by binding the service account to a role, via a role binding that is added to the project's IAM policy:
gcloud projects add-iam-policy-binding my-project-id \
--member="serviceAccount:my-service-account@my-project-id.iam.gserviceaccount.com" \
--role="roles/owner"
Generate a Key File for Service Account
The following command generates a key file for a service account:
gcloud iam service-accounts keys create my-service-account-key-file.json --iam-account=my-service-account@my-project-id.iam.gserviceaccount.com