gar_service_provision function

Provision a service account

Provision a service account

This uses all the gar_service_create functions to enable creating service account roles more easily

gar_service_provision(
  accountId,
  roles,
  json = Sys.getenv("GAR_CLIENT_JSON"),
  file = paste0(accountId, "-auth-key.json"),
  email = Sys.getenv("GARGLE_EMAIL")
)

Arguments

  • accountId: The service accountId
  • roles: A character vector of roles to give the accountIds e.g. roles/editor - see list of roles here https://cloud.google.com/iam/docs/understanding-roles#predefined_roles or in your GCP console https://console.cloud.google.com/iam-admin/roles/details/roles
  • json: The file location of an OAuth 2.0 client ID json file
  • file: The file to download the private JSON key to
  • email: An existing gargle cached email to authenticate with or TRUE to authenticate with the only email available.

Details

You will need the OAuth2.0 Client ID JSON from your GCP project via menu icon > APIs & Services > Credentials > Create Credentials > OAuthclient ID

You need to authenticate with a user with permission iam.serviceAccounts.create for the project. Most often the user is an Owner/Editor

Examples

## Not run:

gar_service_provision("my-service-account", 
                      c("roles/viewer", "roles/bigquery.jobUser"))
## End(Not run)

See Also

https://cloud.google.com/iam/docs/creating-managing-service-accounts#iam-service-accounts-create-rest

Other IAM functions: gar_service_create()

googleAuthR packageRead PDF manual
  • Maintainer: Erik Grönroos
  • License: MIT + file LICENSE
  • Last published: 2024-05-22

Useful links