blob: 95e7531a0a8b7305f56ee7e6f397ebc9587e02b4 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
#+TITLE: Gcloud
* Initial setup
First we need to create a service account, with:
#+begin_src sh
gcloud --project fcuny-homelab iam service-accounts create world-nix
#+end_src
Next we need to bind the new policy:
#+begin_src sh
gcloud projects add-iam-policy-binding fcuny-homelab --member="serviceAccount:world-nix@fcuny-homelab.iam.gserviceaccount.com" --role="roles/accessapproval.configEditor"
#+end_src
Note: I had to add DNS administrator in the console, I don't know what I need to add to this command.
Finally we need the key:
#+begin_src sh
gcloud iam service-accounts keys create world-nix.json --iam-account=world-nix@fcuny-homelab.iam.gserviceaccount.com
#+end_src
This will create a file name =world-nix.json=. It's best to encrypt it with =age= and move it under the =secrets= directory for a host.
|
