
What is a GCP service account?

Similar to a user account, a service account requires an email address during creation. The difference lies in how it is accessed: it doesn’t require a password. Instead, a private-public RSA key pair is used, and the account cannot be accessed through a browser. User accounts are not to be shared, while service accounts may be used by multiple users when the appropriate permissions are granted.

The purpose of creating and using a GCP service account is to assign an identity that an application or instance can use to make authorized API calls on your behalf and run passively in the background.

It is also important to keep in mind that a service account is not the same as a personal user account. Instead, it’s a resource that wants to communicate with the GCP services that house your data. When your script or application utilizes the APIs, it assumes the identity of the service account until the task assigned is completed.

There are many different uses for a GCP service account, depending on the amount and type of workload you wish to run. Usually they are used to represent automated VMs or applications that need to run in the background.

Uses and Benefits

Service accounts are generally preferred for analytics workloads, as they empower an organization to effectively implement security and decrease dependency on specific personnel.

  • It is a rather convenient process for one account to be accessed by multiple members of the team if they wish to view the data, instance or workload associated with that service account. The same is not possible with user accounts due to authorization protocols.
  • A user may have a wide variety of credentials across a number of products in order to conduct their daily responsibilities. Due to the unrestricted access to these products via permissions, errant application code might have an impact on data within these resources. Service accounts, on the other hand, can have their rights restricted while the user’s remain unaffected. As a result, the application’s capabilities are limited, but the user may still go about their daily tasks without difficulty.
  • If you want to hire third-party developers or testers to work on your app, all you have to do is provide them access to your service account instead of establishing new users in your company. If you had to create user accounts for them within your domain, they might gain access to critical organizational information. Service accounts allow you to provide third parties access to certain services without requiring them to join your organization.

How do I create a GCP service account?

1. Log in to your Google Cloud Platform account and open the navigation menu by clicking the three vertical lines on the top left of the screen.

2. Hover over the IAM and Admin section, then select Service Accounts from the attached list.

3. Once on the Service Account page, click the + CREATE SERVICE ACCOUNT button at the top of the page.

4. Provide additional details, such as Name, ID, and Description for the service account. Once completed, press the Create and Continue button.


5. (Optional) Grant access permissions to your GCP environment. If you do not have the appropriate authority, simply press continue.


6. (Optional) Set specific roles and grant access for your team to utilize the service account by adding their email.

7. Click the Done button to finish making your service account. Your service account is activated and ready to use!


8. If you wish to delete a service account, select the checkbox to the left of the service account and click the DELETE button under the search bar.
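A check to run after steps 5 and 6, and a way to verify that a service account's rights really are restricted as described under Uses and Benefits (an added example, not part of the original article). It reads an IAM policy in the JSON shape returned by `gcloud projects get-iam-policy PROJECT_ID --format=json` and lists service accounts that hold basic roles, plus every principal that can act as a service account. The sample policy and all project, account and user names are constructed, and `audit_policy` and its finding labels are hypothetical names.

```python
import json

# Constructed sample in the shape of `gcloud projects get-iam-policy --format=json`.
# Project, service account and user names are placeholders.
SAMPLE_POLICY = json.loads("""
{"bindings": [
  {"role": "roles/editor",
   "members": ["serviceAccount:etl-runner@example-project.iam.gserviceaccount.com"]},
  {"role": "roles/bigquery.dataViewer",
   "members": ["serviceAccount:report-reader@example-project.iam.gserviceaccount.com"]},
  {"role": "roles/iam.serviceAccountTokenCreator",
   "members": ["user:contractor@example.org", "allUsers"]},
  {"role": "roles/owner", "members": ["user:admin@example.com"]}
]}
""")

# Basic roles span most services in a project; too broad for a workload identity.
BASIC_ROLES = {"roles/owner", "roles/editor", "roles/viewer"}
# Roles that let the holder run as, or mint tokens for, a service account.
IMPERSONATION_ROLES = {"roles/iam.serviceAccountUser",
                       "roles/iam.serviceAccountTokenCreator"}
PUBLIC_MEMBERS = {"allUsers", "allAuthenticatedUsers"}

def audit_policy(policy):
    """Return (finding, role, member) tuples for bindings that need review."""
    findings = []
    for binding in policy.get("bindings", []):
        role = binding.get("role", "")
        for member in binding.get("members", []):
            # Step 5: a service account granted a basic role instead of a narrow one.
            if member.startswith("serviceAccount:") and role in BASIC_ROLES:
                findings.append(("broad-role", role, member))
            # Step 6: who is able to use the service account's identity.
            if role in IMPERSONATION_ROLES:
                kind = ("public-impersonation" if member in PUBLIC_MEMBERS
                        else "can-impersonate")
                findings.append((kind, role, member))
    return findings

if __name__ == "__main__":
    for kind, role, member in audit_policy(SAMPLE_POLICY):
        print(f"{kind:22} {role:40} {member}")
```

The policy returned by `gcloud iam service-accounts get-iam-policy SA_EMAIL --format=json` uses the same `bindings` structure, so the same function can review access granted on a single service account.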

For in-depth knowledge about creating and using a GCP service account, you can visit Google’s documentation.

Conclusion

Service accounts are very convenient when used with your GCP environment. They are usually assigned to an application or computing task, and are the preferred account type for analytics workloads. Compared to a user account, they offer a different kind of independence. Security and accessibility are greatly enhanced, and they have benefits such as enabling you to run automated background tasks and giving secure access to your team or an external third-party group.


Adarsh Rai

Adarsh Rai, author and growth specialist at Economize. He holds a FinOps Certified Practitioner License (FOCP), and has a passion for explaining complex topics to a rapt audience.