What is a Google Cloud service account?
A Google Cloud service account is a peculiar type of account used within your Google Cloud account that belongs to a Virtual Machine, and not to the Google Cloud account user.
The application, such as SAP HANA or Wordpress for example, will use the Google Cloud service account to make any call to the Google API, and individual Google Cloud users aren’t directly involved – but the Google Cloud service account will be.What are Google Cloud service accounts?
Check Point: 66% of Information Security Professionals believe that Cloud Protection doesn’t work
Creating a Google Cloud service account
To be able to create a Google Cloud service account and start using a virtual machine for an application, the first step is to login to your Google Cloud account, or create a fee Google Cloud account if you don’t have one yet.
Then, once in the Google Cloud dashboard, find the menu IAM&Admin > Service accounts. This will open the GCloud service account screen.
From there, select an existing project if available, or choose to create a new project where applicable.
Enter the project name, and the location if necessary, and click create to continue.
Adding new service accounts
The next step once the project has been selected or newly created, is to add new GCloud service account s, but clicking on the three dots menu and selecting the create service account option.
From there, choose the role of the Google Cloud service account to be created, such as a Service Account Admin, which is generally necessary to start a new project on Google Cloud.
Enter the Google Cloud service account details, such as his service account name, the corresponding service account ID, and the project role, which can be changed before the creation.
Service account private key
It will be necessary to select a type of private key to be used to identify the service account, which can be either a JSON file, or another format – JSON file will generally be good enough for any identification.
Once the Google Cloud service account has been created, the corresponding service key file will be saved on the computer and downloaded by the browser.
Use this file to identify your newly created Google Cloud service account when you will use it to access some of the other Google Cloud services.
Once the service account has been created, it will be visible from the list of existing service accounts that are accessible to the current user.
From that screen, it will be possible to edit any service account, disable it, or create a new private key, which will be either in JSON format, or in P12 format.JSON data interchange format
P12 digital certificate file format