3.1 KiB
GCE Authentication
For the Google Compute Engine we firstly need to create a new project.
- Head over to Google Cloud Console and create a new project. You can go with the default randomly generated project name or input your own and you can leave the location field on No organization. Then click create.
- Then while being on the new project's dashboard, click the humburger menu and go to the IAM & Admin service accounts section and create a new service account. Enter a name for the new service account and click create and continue. Give the service account the appropiate permissions such as Owner, Compute Engine Service Agent and Service Account User. Also include your account's email to the add admin roles section.
- Then while being on the service accounts section click on the service account you just created and then on the Add Key button and choose the JSON option for Key type. Download it to the same location as the project's source files
- Finally go to the APIs & Services section and enable the Compute Engine API
- Keep in mind you need to have billing information associated and enabled for your project.
In as few words as possible, here are the steps to follow:
There are three values needed for authentication with the Google Compute Engine API. The first is the project ID, which is the name of the project you created in the Google Cloud Console. The second is the service account email address, which is the email address of the service account you created in the Google Cloud Console. The third is the path to the JSON file (whose name and path are found by the script's internal logic by providing the private_key_id) that contains the private key for the service account. You can find these values in the JSON file you downloaded from the Google Cloud Console.
Those values are also located in the JSON file and are translate to the following environment variables:
- GCE_PROJECT_ID -> project_id
- GCE_CLIENT_SECRET -> private_key_id
- GCE_CLIENT_ID -> client_email