[FAQ] Service account key creation disabled

[afarmijosdev]

Course

data-engineering-zoomcamp

Question

Google Platform disabled the ability to create key under service accounts, to force other security reasons. How we can unblock to continue with the module

Answer

To unblock this, as a workaround, we can disable the "disableServiceAccountKeyCreation" under the organization policy.

For that, we should open the GCP terminal and run:

gcloud org-policies delete iam.disableServiceAccountKeyCreation --organization=<ORGANIZATION ID>

You should have the policyAdmin role, otherwise you can run:

gcloud organizations add-iam-policy-binding <ORGANIZATION ID> --member="user:<USER ACCOUNT YOU ARE LOGGED>" --role="roles/orgpolicy.policyAdmin"

To get the we can run next command and copy ID Value

gcloud organizations list

To get the we can run next command and copy ID Value

gcloud auth list

Doc: https://docs.cloud.google.com/resource-manager/docs/secure-by-default-organizations?_gl=1*1kkqiz2*_ga*OTYzNzE1NTY1LjE3Njg5OTU3MTM.*_ga_WH2QY8WWF5*czE3Njg5OTU3MTMkbzEkZzEkdDE3Njg5OTk0OTMkajEkbDAkaDA.#disable_organization_policies

Checklist

• I have searched existing FAQs and this question is not already answered
• The answer provides accurate, helpful information
• I have included any relevant code examples or links

[github-actions]

❌ FAQ Bot encountered an error processing this proposal.

Please check the workflow run for details.

A maintainer will review this manually.

[alexeygrigorev]

FAQ added manually to module-1/sort_order 138 (combined with #75)