Grant IAM user access to API Credentials

1
votes

I'm attempting to give API Credentials access to a user via IAM. However, I'm unable to find an existing Predefined Product Role that encapsulates these permissions. The closest I can find is roles/ iam.serviceAccountTokenCreator under Service Account but that only allows me to grant access to: 

Impersonate service accounts (create OAuth2 access tokens, sign blobs or JWTs, etc).

I don't want to create a Service account, but simply another user account which can sign in and manage the OAuth credentials / access keys.

1
google-cloud-platformgoogle-cloud-iam
As per documentation states, API keys should be used for almost all cases with service accounts. You can check the documentation where I found the info here: cloud.google.com/docs/authentication/api-keysShibboleet

1 Answers

0
votes

To be able to create an API Key, the IAM user must have the Editor role roles/editor on the project.

Reference:

Creating an API key