How do I enable API services specifically for a service account and not a user account?
Context: I'm using a Python script to locally test a cloud function (query BQ, convert results to json, drop in GCS bucket). I can do this fine with my own test account where I'm able to enable services, but not sure how I would do it (or how a client would go about doing it) for a client's service account. This is how I do it for my own service account:
- Get service account credentials as json
- Follow installations for gcloud cloud sdk
- Issue:
gcloud auth activate-service-account --key-file="/path/to/json-todd-credentials.json" --project="json-todd"
- Enable API services like so:
gcloud enable --account="[email protected]" cloudfunctions.googleapis.com pubsub.googleapis.com etc.
I have the client's service account json and I can auth activate-service-account
the service account but I can't enable because I don't have permissions - but how would the client enable APIs it specifically for a service account on GCP without having to install/initialise/auth the service account in the way above?