In this article, I will show you how to create a user-managed service account through the GCP console. You can also create a service account with the gcloud command-line tool.
The first step in creating the service account is to click the burger menu at the top left and find IAM & Admin; under it, find Service accounts.
Click Service accounts, and it will take you to the service account dashboard.
Click to create a new service account, as shown in the image below.
Name the service account whatever you want. I am naming this one ‘paayi-key’. Provide an ID and a description for the service account, as shown in the image below.
Then click Create. This takes us to the step where we give the proper role (service account permissions) to our service account. I will give the project Editor role to this Terraform service account. Once this role is assigned, the service account can do anything in this project.
After that, I will click Continue, and it will take us to the page where we add the users who can have access to this account. I will add myself to this account, and you should do the same.
Click on the newly created service account to create a private key inside it.
I will create a JSON key, and I will download the private key.
It will ask which key type you want, JSON or P12. I choose JSON and click Create.
The moment you click Create, the key will start downloading, as shown below.
If you look into your service account, the activated key will look like this.
Now I upload this private key to the Terraform Linux machine. See the image below for how I uploaded the private key.
The next step is to create a folder named ‘google’ on your Compute Engine instance and move your private key into it, as shown in the image below. I will show this step in the next article.
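The same console steps can be scripted with the gcloud tool mentioned at the start. The script below is an added example, not part of the original article: the project ID, user e-mail and key path are placeholders passed by the caller, the `roles/iam.serviceAccountUser` role for the user-access step is an assumption, and the function names are hypothetical. It also restricts the downloaded key file to its owner before the key is used on the Terraform machine.

```shell
#!/bin/sh
# Added example: gcloud equivalent of the console steps above.
# PROJECT_ID, USER_EMAIL and KEY_FILE are placeholders supplied by the caller.

# Build the service account e-mail; reject IDs that GCP would refuse
# (6-30 chars, lowercase letters/digits/hyphens, starts with a letter,
# does not end with a hyphen).
sa_email() {
  case $1 in
    [a-z]*) ;;
    *) return 1 ;;
  esac
  case $1 in
    *[!a-z0-9-]*|*-) return 1 ;;
  esac
  [ "${#1}" -ge 6 ] && [ "${#1}" -le 30 ] || return 1
  printf '%s@%s.iam.gserviceaccount.com\n' "$1" "$2"
}

# True only when group and others have no permissions on the key file.
key_is_private() {
  [ "$(ls -l "$1" | cut -c5-10)" = "------" ]
}

# Restrict the downloaded key to its owner and confirm the result.
lock_key() {
  chmod 600 "$1" && key_is_private "$1"
}

# Usage: create_terraform_sa PROJECT_ID SA_ID USER_EMAIL KEY_FILE
create_terraform_sa() {
  email=$(sa_email "$2" "$1") || { echo "invalid service account ID: $2" >&2; return 1; }
  gcloud iam service-accounts create "$2" --project "$1" \
    --display-name "$2" --description "Terraform service account" &&
  # Project-level role from the article (Editor).
  gcloud projects add-iam-policy-binding "$1" \
    --member "serviceAccount:$email" --role roles/editor &&
  # Let the named user act as the service account (role choice is an assumption).
  gcloud iam service-accounts add-iam-policy-binding "$email" --project "$1" \
    --member "user:$3" --role roles/iam.serviceAccountUser &&
  # JSON is the default key type for this command.
  gcloud iam service-accounts keys create "$4" --iam-account "$email" &&
  lock_key "$4"
}

# Run only when all four arguments are given.
if [ "$#" -eq 4 ]; then create_terraform_sa "$@"; fi
```

Saved to a file, it is invoked with four arguments: the project ID, the service account ID (for example paayi-key), your user e-mail and the path where the key should be written.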