{"id":46893,"date":"2024-08-17T14:09:04","date_gmt":"2024-08-17T14:09:04","guid":{"rendered":"https:\/\/www.devopsschool.com\/blog\/?p=46893"},"modified":"2024-08-17T14:09:04","modified_gmt":"2024-08-17T14:09:04","slug":"google-cloud-create-and-delete-service-account-keys","status":"publish","type":"post","link":"https:\/\/www.devopsschool.com\/blog\/google-cloud-create-and-delete-service-account-keys\/","title":{"rendered":"Google Cloud: Create and delete service account keys"},"content":{"rendered":"\n<p>The <code>var.credentials_file_path<\/code> is a Terraform variable that holds the file path to your Google Cloud Platform (GCP) service account credentials JSON file. This file is used by Terraform to authenticate with GCP and perform actions such as creating and managing resources.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">How to Get the <code>credentials_file_path<\/code><\/h3>\n\n\n\n<p>To get the <code>credentials_file_path<\/code>, you need to follow these steps:<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">1. <strong>Create a Service Account<\/strong><\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Go to the <a>Google Cloud Console<\/a>.<\/li>\n\n\n\n<li>Navigate to <strong>IAM &amp; Admin<\/strong> > <strong>Service Accounts<\/strong>.<\/li>\n\n\n\n<li>Click on <strong>Create Service Account<\/strong>.<\/li>\n\n\n\n<li>Provide a name for the service account and an optional description, then click <strong>Create<\/strong>.<\/li>\n\n\n\n<li>In the next step, assign the appropriate roles to the service account, such as <strong>Compute Admin<\/strong> for managing compute instances.<\/li>\n\n\n\n<li>Click <strong>Done<\/strong> to create the service account.<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">2. <strong>Create and Download the JSON Key File<\/strong><\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li>After creating the service account, you will see it listed under <strong>IAM &amp; Admin<\/strong> > <strong>Service Accounts<\/strong>.<\/li>\n\n\n\n<li>Click on the service account you just created.<\/li>\n\n\n\n<li>Navigate to the <strong>Keys<\/strong> tab.<\/li>\n\n\n\n<li>Click on <strong>Add Key<\/strong> > <strong>Create New Key<\/strong>.<\/li>\n\n\n\n<li>Select <strong>JSON<\/strong> as the key type, and click <strong>Create<\/strong>.<\/li>\n\n\n\n<li>A JSON file containing your credentials will be downloaded to your computer. This is your credentials file.<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">3. <strong>Specify the File Path<\/strong><\/h4>\n\n\n\n<p><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The <code>credentials_file_path<\/code> is the path to the JSON file you just downloaded. For example, if the file is in your <code>Downloads<\/code> directory, the path might look like this:<\/li>\n<\/ul>\n\n\n\n<p>Replace <code>\/home\/your-username\/Downloads\/your-service-account-key.json<\/code> with the actual path to your file in the Terraform code.<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>In the Google Cloud console, go to the\u00a0<strong>Service accounts<\/strong>\u00a0page.<a href=\"https:\/\/console.cloud.google.com\/iam-admin\/serviceaccounts?walkthrough_id=iam--create-service-account-keys&amp;start_index=1#step_index=1\" target=\"_blank\" rel=\"noopener\">Go to Service accounts<\/a>The remaining steps appear in the Google Cloud console.<\/li>\n\n\n\n<li>Select a project.<\/li>\n\n\n\n<li>Click the email address of the service account that you want to create a key for.<\/li>\n\n\n\n<li>Click the\u00a0<strong>Keys<\/strong>\u00a0tab.<\/li>\n\n\n\n<li>Click the\u00a0<strong>Add key<\/strong>\u00a0drop-down menu, then select\u00a0<strong>Create new key<\/strong>.<\/li>\n\n\n\n<li>Select\u00a0<strong>JSON<\/strong>\u00a0as the\u00a0<strong>Key type<\/strong>\u00a0and click\u00a0<strong>Create<\/strong>.<\/li>\n<\/ol>\n\n\n\n<p>Clicking&nbsp;<strong>Create<\/strong>&nbsp;downloads a service account key file. After you download the key file, you cannot download it again.<\/p>\n\n\n\n<p>The downloaded key has the following format, where&nbsp;<code><var>PRIVATE_KEY<\/var><\/code>&nbsp;is the private portion of the public\/private key pair:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"384\" src=\"https:\/\/www.devopsschool.com\/blog\/wp-content\/uploads\/2024\/08\/image-23-1024x384.png\" alt=\"\" class=\"wp-image-46894\" srcset=\"https:\/\/www.devopsschool.com\/blog\/wp-content\/uploads\/2024\/08\/image-23-1024x384.png 1024w, https:\/\/www.devopsschool.com\/blog\/wp-content\/uploads\/2024\/08\/image-23-300x112.png 300w, https:\/\/www.devopsschool.com\/blog\/wp-content\/uploads\/2024\/08\/image-23-768x288.png 768w, https:\/\/www.devopsschool.com\/blog\/wp-content\/uploads\/2024\/08\/image-23.png 1067w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>The var.credentials_file_path is a Terraform variable that holds the file path to your Google Cloud Platform (GCP) service account credentials JSON file. This file is used by Terraform to authenticate&#8230; <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"_joinchat":[],"footnotes":""},"categories":[2],"tags":[],"class_list":["post-46893","post","type-post","status-publish","format-standard","hentry","category-uncategorised"],"_links":{"self":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/46893","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/comments?post=46893"}],"version-history":[{"count":1,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/46893\/revisions"}],"predecessor-version":[{"id":46895,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/46893\/revisions\/46895"}],"wp:attachment":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/media?parent=46893"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/categories?post=46893"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/tags?post=46893"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}