service account

September 25, 2019

GCP Service Accounts

Here’s how display the Service Account of a particular instance in Google Cloud.

gcloud compute instances describe server-name \
--zone us-central1-c \
--project project-id \
--format="flattened(serviceAccounts[].email)"

Result is:

serviceAccounts[0].email: service-account-name@project-id.iam.gserviceaccount.com

September 22, 2019

Here’s how to create a key for the GCP Service Account.

Create Key.

gcloud iam service-accounts keys create ~/key.json \
  --iam-account service-name@project-id.iam.gserviceaccount.com

Activate Key

gcloud auth activate-service-account service-name@project-id.iam.gserviceaccount.com \
--key-file=key.json

Revoke Key.

gcloud auth revoke service-account@project-id.iam.gserviceaccount.com

Delete Key

gcloud iam service-accounts keys delete key-id \
    --iam-account service-name@project-id.iam.gserviceaccount.com