How do I ensure that my service account keys are not compromised

0 votes
What security measures should I follow to ensure that the private keys of my service accounts aren't compromised?
related to an answer for: Can I use a service account outside of GCP on other platforms?
Oct 30, 2019 in GCP by anonymous
 • 6,260 points 1,749 views

1 answer to this question.

0 votes

If you delete a key, your application will no longer be able to access Cloud Platform resources using that key.

A security best practice is to rotate your service account keys regularly. You can rotate a key by creating a new key, switching applications to use the new key and then deleting old key

Use the serviceAccount.keys.create()method and serviceAccount.keys.delete() method together to automate the rotation.

answered Oct 30, 2019 by Sirajul
 • 59,190 points

Related Questions In GCP

0 votes
1 answer

How do I ensure that my cloud storage data has max availability?

Consider storing your data in a multi-regional ...READ MORE

answered Nov 18, 2019 in GCP by Sirajul
 • 59,190 points 1,138 views
0 votes
1 answer

How can I change the Service Account that my GCP GAE Flex Service is running as?

This isn't possible at the moment. The ...READ MORE

answered Mar 4, 2022 in GCP by Korak
 • 5,820 points 1,038 views
+7 votes
12 answers

How do I delete my Google Cloud Platform Account?

How do I delete me cloud and ...READ MORE

answered Jan 18, 2019 in GCP by dodge123@yahoo.com
 173,714 views
0 votes
1 answer

How do I set image access constraints so that my image is only accessible by authorized users in GCP?

You can enact an image access policy ...READ MORE

answered Oct 16, 2019 in GCP by Sirajul
 • 59,190 points 2,973 views
0 votes
1 answer

How can I create a custom role in GCP?

To create a custom role, a caller ...READ MORE

answered Oct 30, 2019 in GCP by Sirajul
 • 59,190 points 7,834 views