GCP Identity and Access Managment (IAM)

GCP Identity and Access Management (IAM) #

Service Accounts #

Check out the doc on Create service accounts.

To create a service account:

  1. Go to GCP IAM and admin

  2. Select Service accounts, and Create service account. Fill in the service account name and description. THen hit Done. From there, define a role with just enough permissions as required. That’s it.

This will create a service account with the email format of <name>@...iam.gserviceaccount.com, which also comes with a unique ID.

To use the service account, it’ll need a key:

  1. Select Keys from the IAM top tab bar

  2. Select Add Key, which will allow for the creation of a private key. This can be in the form of JSON (recommended) or a P12 format (I don’t use this one).