Skip to content

gcloud: Use service account for API access #23

Closed
Closed
gcloud: Use service account for API access#23
Labels
Type: Enhancement
@mhenderson-so

Description

@mhenderson-so
mhenderson-so
opened on Jan 4, 2017

Rather than setting up OAuth the odd way we're doing it now, it would be better to use Google's Service Accounts to authenticate: https://support.google.com/googleapi/answer/6158849?hl=en#serviceaccounts

  • You receive a private key which is stored in JSON (which would need to be stored in creds.json)
  • The following GoLang code will give you a HTTPClient that can be used for the rest of the API work:
	rawConfig, err := ioutil.ReadFile("./jsoncreds.json")
	if err != nil {
		panic(err)
	}
	config, err := google.JWTConfigFromJSON(rawConfig, "https://www.googleapis.com/auth/ndev.clouddns.readwrite")
	if err != nil {
		panic(err)
	}
	ctx := context.Background()
	hc := config.Client(ctx)
  • No more setup with refresh keys or manual authorisation against a google account

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type: Enhancement

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions