[[2021-06-27_Sun]] #gcp #terraform #remotedev ```shell-session $ gcloud iam service-accounts create terraform-serviceaccount \ --display-name "Account for Terraform" ``` ```shell-session $ set PROJECT_ID (gcloud config list --format 'value(core.project)') $ gcloud projects add-iam-policy-binding {$PROJECT_ID} \ --member serviceAccount:terraform-serviceaccount@{$PROJECT_ID}.iam.gserviceaccount.com \ --role roles/editor ``` Credentialファイルを発行する。 ```shell-session $ set PROJECT_ID (gcloud config list --format 'value(core.project)') $ gcloud iam service-accounts keys create ~/.secretl/gcp-terraform-service-account.json \ --iam-account terraform-serviceaccount@{$PROJECT_ID}.iam.gserviceaccount.com ``` ```shell-session export GOOGLE_CLOUD_KEYFILE_JSON=$HOME/.secret/gcp-terraform-service-account.json export GOOGLE_APPLICATION_CREDENTIALS=$HOME/.secret/gcp-terraform-service-account.json ```