How to create a Google Cloud service account?

What is a Google Cloud service account?

A  Google Cloud service account‌  is a peculiar type of account used within your  Google Cloud account‌  that belongs to a Virtual Machine, and not to the  Google Cloud account‌  user.

The application, such as  SAP HANA‌  or Wordpress for example, will use the  Google Cloud service account‌  to make any call to the Google API, and individual Google Cloud users aren’t directly involved – but the  Google Cloud service account‌  will be.

What are Google Cloud service accounts?
Check Point: 66% of Information Security Professionals believe that Cloud Protection doesn’t work

Creating a Google Cloud service account

To be able to create a  Google Cloud service account‌  and start using a virtual machine for an application, the first step is to login to your Google Cloud account, or create a fee  Google Cloud account‌  if you don’t have one yet.

Then, once in the Google Cloud dashboard, find the menu IAM&Admin > Service accounts. This will open the  GCloud service account‌  screen.

From there, select an existing project if available, or choose to create a new project where applicable.

Enter the project name, and the location if necessary, and click create to continue.

Adding new service accounts

The next step once the project has been selected or newly created, is to add new Gcloud service accounts, but clicking on the three dots menu and selecting the create service account option.

From there, choose the role of the  Google Cloud service account‌  to be created, such as a Service Account Admin, which is generally necessary to start a new project on Google Cloud.

Enter the  Google Cloud service account‌  details, such as his service account name, the corresponding service account ID, and the project role, which can be changed before the creation.

Service account private key

It will be necessary to select a type of private key to be used to identify the service account, which can be either a JSON file, or another format – JSON file will generally be good enough for any identification.

Once the  Google Cloud service account‌  has been created, the corresponding service key file will be saved on the computer and downloaded by the browser.

Use this file to identify your newly created  Google Cloud service account‌  when you will use it to access some of the other Google Cloud services.

Once the service account has been created, it will be visible from the list of existing service accounts that are accessible to the current user.

From that screen, it will be possible to edit any service account, disable it, or create a new private key, which will be either in JSON format, or in P12 format.

JSON data interchange format
P12 digital certificate file format

Comments (0)

Leave a comment