Gcloud Auth Activate-service-account __full__ Here

The core syntax is deceptively simple:

gcloud auth activate-service-account --key-file=/path/to/key.json gcloud auth activate-service-account

There are two mutually exclusive ways to provide credentials: The core syntax is deceptively simple: gcloud auth

Terraform needs credentials to provision infrastructure. Instead of using application default credentials (which may be stale), you explicitly activate a service account before running terraform plan : gcloud auth activate-service-account

| Feature | gcloud auth login (User) | gcloud auth activate-service-account | | :--- | :--- | :--- | | | OAuth2 browser flow | JSON key file | | MFA Required | Yes | No (key is the secret) | | Expiration | Default ~1 hour (refreshable) | Until key is revoked | | Headless/CI | Impossible | Native | | Audit Logging | Shows user email | Shows service account email |