Alternative to Google service accounts

1
votes

My company works with IOT devices, and we have a product where each device should have a service account.

This scenario it's impossible to us right now because, follow that doc (https://cloud.google.com/iam/docs/understanding-service-accounts) studying more about it, was discovered GCP had a limit quota of 100 service accounts. Makes us impossible to work with 1 service account by device.

At that moment, in GCP, have another option than service accounts? Are there a way to increase the amount of service accounts?

1
google-cloud-platformservice-accounts
What are you trying to accomplish with individual service accounts for each device?JPortillo
It would help a lot understanding how you're attempting to use the service accounts. Are you trying to authenticate the devices to use your application that is running in GCP?Judith Guzman
Yes there is Iot Core for this problem. Can you describe more your use case and your iOt devices capability?guillaume blaquiere

1 Answers

1
votes

I would suggest to check this article that describes the authentication strategies you can use to work in GCP, in particular Google Cloud APIs.

If you have decided that you would rather have a service account for each of your IOT devices, instead if using another option such as the OAuth 2.0 client then you can request a quota increase from the default limit of 100.

The quota increase request is subject to evaluation, so it's best to add a clear note on why you need more than 100 SAs.

Maybe authenticating as a en user could be a better option as whenever you need to increase the number of devices you won't need to wait for any type of approval. However it's not possible to know for sure if this option is best, as your application flow is not clear with the details you have added in the question so far. As mentioned before, you could take a look to the documentation and select the best option for you use case.