Modify Google Cloud Policy

Before you can create a Google service account key, you might need to allow key creation. Follow the steps below to enable this setting.

  1. Go to the Google Cloud Platform Console and log in with your Super Admin account.

  2. In the top-left corner, next to the Google Cloud logo, select your organization from the dropdown list.

    image

  3. Go to shield_person IAM and admin.

    image

  4. Click .

    image

  5. Add your Super Admin account in the New principal field.

    image

  6. Under Assign roles, select the Organisation Administrator and Organisation Policy Administrator roles.

    image

  7. Click and wait a few minutes (± 3 minutes) to ensure that IAM changes have propagated.

  8. Go to article Organization Policies.

    image

  9. Filter on iam.disableServiceAccountKeyCreation.

    image

  10. Select the policy iam.disableServiceAccountKeyCreation.

  11. Click .

    image

  12. Scroll down to Rules, and expand the Enforced rule.

  13. Change Enforcement to Off.

    image

  14. Click .

    image

  15. Click .

    image