Can someone else create Service account for me and pass me JSON key to set env variable GOOGLE_APPLICATION_CREDENTIALS?

Question

In order to run my code, I have to set GOOGLE_APPLICATION_CREDENTIALS env variable (to resolve the issue similar to this)

I am not able to create a service account for that specific project through GCP IAM & Admin. My question is:

1. should I request for access to be able to create a service account and then set the JSON key path OR
2. Can someone else with enough privileges create a service account for me and pass me the JSON key

Answer 1

To create a service account you need to have Service Account Admin Role (roles/iam.serviceAccountAdmin) or Create Service Accounts Role (roles/iam.serviceAccountCreator) and the following permissions on the project . To create a service account find the document here.

Please set GOOGLE_APPLICATION_CREDENTIALS or explicitly create credentials and re-run the application. This is one of the ways to make it working locally, you need to set up key:

gcloud iam service-accounts keys create /path/to/keyfile.json --iam-account=<your service account>

Then you run your app with environment variable

GOOGLE_APPLICATION_CREDENTIALS set to /path/to/keyfile.json, like this e.g:

GOOGLE_APPLICATION_CREDENTIALS=/path/to/keyfile.json blaze run /your/target.

Extending John hanley comment, Use the CLI to create default credentials. gcloud auth application-default login. Using the CLI, you do not need a service account JSON key file and do not need to set GOOGLE_APPLICATION_CREDENTIALS.