Google Cloud Compute Engine API Key To Manage VMs

0
votes

I'd like to start/stop/restart VMs in GCP through scripts. There are OAuth2.0 and API key methods for this.

For OAuth 2.0, I can generate access token through "gcloud auth print-access-token" I get the key and it works.

I want to the same to work with API keys, but not able to find API key for "Compute Engine", there are service account, but keys.

curl --request POST \ 'https://www.googleapis.com/compute/v1/projects/xxxx/zones/xxx/instances/xxx/stop?key=[YOUR_API_KEY]' \ --header 'Accept: application/json' \ --compressed

what I am missing?

thanks.

1
apigoogle-cloud-platformgoogle-compute-engine

1 Answers

1
votes

You cannot use an API key for this purpose. This is because the GCE API needs to know who is sending the request1 but the API key doesn't provide this information.

API keys are used when an API can be accessed by anyone, for example a Google Maps box embedded in a website, but usage needs to be accounted to one particular customer.

1 Identity is needed to enforce IAM permission, collect audit logs and other such tools.