Create a Service Account

A Google Cloud service account is an account that is identified by its unique email address and is used by an application or compute workload, rather than a person. The service account does not have a password. You cannot log in to such an account from a browser.

Applications use service accounts to make authorized API calls to Google Cloud services.

The following procedure describes how to create a service account by using the Google Cloud console to secure your Google Cloud resources with Carbon Black Cloud. For details, see Create Service Accounts.

Prerequisites

Verify that you have an existing project.
Verify that you have the Create Service Accounts IAM role on the project (roles/iam.serviceAccountCreator). For more information, see Manage access.
To grant the service account access to your project, verify that you have the Project IAM admin role (roles/resourcemanager.projectIamAdmin).

Procedure

Log in to the Google Cloud console.
From the Select a project drop-down menu, next to the search text box, select a project.
Type Service Accounts in the search text box and click Service Accounts from the search result.
The Service account page displays under the IAM and Admin category.
Click Create Service Account.
In step 1, Service account details, enter a name for the account.
The console generates an ID based on the name you provide.
Optional. Edit the ID.
Once you create the account, you cannot change its ID.
Optional. Enter a description for the purpose of the account.
For example, Service account to integrate with Carbon Black Cloud console.
Click Create and Continue.
You receive a notification that the service account is created.
In step 2, Grant this service account access to project, click the select a role drop-down menu, and select the Basic > Viewer role.
To save your changes and create the account, click Continue and then Done.

Results

The newly created service account appears with its email address in the list of accounts under the specified project.