Create a Google Cloud Platform service account
Service accounts let you use the different APIs of Google such as Spreadsheets, Gmail, Bigquery, Google Search Console, etc…
They may come very useful when we’re talking about job automation.
Despite OAuth authentication, Service Accounts don’t need human-to-machine interaction and are great to machine-to-machine jobs. You may need to begin your development with OAuth authentication and then switch to Service Account when you try to deploy your script into a production environment.
In this article, we’ll see how to create a Service Account and create JSON keys for it.
summary
- Create a Google Cloud Platform account
- Create a Service Account
- Add a new key to your Service Account
1. Create a Google Cloud Platform account
if you haven’t got one yet, create yourself a Google Cloud Platform Account.
You’ll arrive on a page like in Figure 1 just below.
Here, just hit the Get started for free button. The steps are pretty straightforward, and they’ll ask you to enter a credit card. Don’t worry, for what we’re about to do, it’ll cost you nothing. Indeed, Google Cloud Platform has a free tier plan and you could use most of the tools for free if it’s just for the training. If you’re still stressed about this, you can consult the billing page of your account (after you registered).
You’ll be asked to create a project. A project in the Google Cloud Platform defines a scope. You can create multiple projects, of course, but if you’re a Data Engineer in a company for example your all team may even be on the same project depending on its size.
2. Create a Service Account
You may now have noticed the navigation menu at the left of your screen, just hit IAM & Admins and then Service accounts, as shown in Figure 2.
Just now hit the Create service account button on the top menu as shown in Figure 3.
In the next step (Figure 4), only the Service account ID is mandatory, I advise you to name it as your specific scope. Indeed, it’s not good practice to have one service account for all your jobs. It’s better to create a service account with a given role that will not do anything out of it. It’ll help you clarify your role management and it’s safer in terms of cybersecurity to don’t have an account with all roles possible on your Google Cloud Platform.
After that, you can directly click on the Done blue button or hit Create and continue and then Done.
3. Add a new key to your Service Account
In this tutorial, we will use a JSON key. If you already have your Service Account JSON key, you can skip to the next step.
The JSON file we’ll create contains the credentials we need to establish a connection through the service account. You don’t need to enter a username or a password.
Also important thing, as for passwords, never upload your JSON key on online tools such as Github.
Return to Service Account through the left menu as shown in Figure 2.
Then, click on Manage Keys as shown in Figure 5.
Finally, click on
1. Add Key
2. Create New Key
3. JSON
conclusion
And now, a JSON file containing your key should have been uploaded to your computer. Store it safely where you want your scripts, and you are now up to do some coding!
