如何下载服务帐号Json?
[英]How to download a Service Account Json?
问题描述
I have a impersonated a Service Account in gcloud through the command gcloud config set auth/impersonate_service_account [SA_FULL_EMAIL] .
我通过命令gcloud config set auth/impersonate_service_account [SA_FULL_EMAIL]在gcloud中模拟了一个服务帐户。
Now, all my API calls are impersonating the Service Account., is there a way to download the Service Account JSON at this point?现在,我所有的 API 调用都在模拟服务帐户。此时是否有办法下载服务帐户 JSON?
Because I do not have the original Service Account JSON that was created earlier and also as an User I do not have permissions to Manage Keys for this Service Account.因为我没有之前创建的原始服务帐户 JSON,而且作为用户,我没有权限管理此服务帐户的密钥。
Please let me know, if I can download the Service Account JSON from gcloud by impersonating the Service Account.如果我可以通过模拟服务帐户从gcloud下载服务帐户 JSON,请告诉我。
Thanks in advance!提前致谢!
1 个解决方案
解决方案1
1 2022-03-28 18:07:07
I do not have permissions to Manage Keys for this Service Account
Without those permissions, you cannot create or download service account JSON keys.没有这些权限,您无法创建或下载服务帐户 JSON 密钥。 If the service account has those permissions, which it should not for security reasons, then yes.如果服务帐户具有这些权限(出于安全原因不应具有这些权限),则可以。
The following command will create a new JSON key and download it:以下命令将创建一个新的 JSON 密钥并下载它:
gcloud iam service-accounts keys create my-service-account.json --iam-account <EMAIL ADDRESS>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.