Creating a Service Account in Google Cloud Platform (GCP)

A service account in Google Cloud Platform (GCP) allows Astra to securely access your cloud environment for security assessments. Follow the steps below to create one.

Step 1: Sign in to Google Cloud Console

1. Go to the GCP Console.

2. Select your existing project or create a new one.

Step 2: Navigate to IAM & Admin

1. In the left-hand menu, go to IAM & Admin → Service Accounts.

Step 3: Create the Service Account

1. Click the Create Service Account button.

2. Fill in the following details:

   • Name: A meaningful name for the service account (e.g., astra-security-account)

   • ID: Auto-filled based on the name, but can be customized

   • Description: Optional, but recommended for clarity

3. Click Create and Continue.

Step 4: Assign Roles

1. Choose the appropriate roles for the service account based on the required permissions. For example:

   • Viewer — read-only access

   • Editor — read/write access

   • Owner — full control (use with caution)

2. Click Continue.

Step 5: Generate a Key

1. In the Service Accounts list, find your newly created account.

2. Click the three dots (⋮) under Actions → Manage keys.

3. Click Add Key → Create new key.

4. Select JSON as the key type.

5. Click Create — the JSON file will download automatically.

Important: Store this JSON file securely. It contains the credentials required for authentication and cannot be recovered if lost.

Step 6: Use the Service Account

Once the key is generated, use the downloaded JSON key file when interacting with GCP services via SDKs, CLI tools, or deployment configurations.

Need Help?

If you encounter any issues while setting up your service account, please reach out to our support team by raising a ticket from your Astra dashboard.