How to Create a Service Account for Terraform in GCP (Google Cloud Platform)
Before we start deploying our Terraform code for GCP (Google Cloud Platform), we will need to create and configure a Service Account in the Google Console.
In this example, we will create a master Service Account with permissions at Organization-level and Project-level.
- Organization-level permissions are required to create resources at the Organization level, for example, Folders and Projects.
- Project-level permissions are required to create resources at the project level, for example, Google Storage Accounts or VM instances.
Note: for demo purposes, we will create a Service Account with lots of permissions. Feel free to add or remove permissions to adapt to your environment.
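The two permission levels above map to two different binding commands in the gcloud CLI. This is an added example, not part of the original article, which uses the Console. The role choices, organization ID, project ID and account name are assumptions, and the script only prints the commands unless DRY_RUN=0 is set.

```shell
#!/usr/bin/env bash
# Added example: CLI equivalent of the two permission levels.
# All IDs and names below are placeholders (assumptions), not values from the article.
set -eu

ORG_ID="${ORG_ID:-123456789012}"             # placeholder organization ID
PROJECT_ID="${PROJECT_ID:-example-project}"  # placeholder project ID
SA_NAME="${SA_NAME:-terraform}"              # placeholder account name
DRY_RUN="${DRY_RUN:-1}"                      # 1 = print commands only

# Roles picked to match the resource kinds named above (assumption):
# folders/projects at the organization, storage and VM instances in the project.
ORG_ROLES="roles/resourcemanager.folderCreator roles/resourcemanager.projectCreator"
PROJECT_ROLES="roles/storage.admin roles/compute.instanceAdmin.v1"

# A user-managed service account's email is derived from its name and project.
sa_email() {
  printf '%s@%s.iam.gserviceaccount.com' "$1" "$2"
}

# Emit one gcloud command per line: create the account, then bind each role
# at the level (organization or project) where it has to take effect.
plan_commands() {
  member="serviceAccount:$(sa_email "$SA_NAME" "$PROJECT_ID")"
  echo "gcloud iam service-accounts create $SA_NAME --project=$PROJECT_ID --display-name=Terraform"
  for role in $ORG_ROLES; do
    echo "gcloud organizations add-iam-policy-binding $ORG_ID --member=$member --role=$role"
  done
  for role in $PROJECT_ROLES; do
    echo "gcloud projects add-iam-policy-binding $PROJECT_ID --member=$member --role=$role"
  done
}

# Print the plan, or execute it line by line when DRY_RUN=0.
apply_plan() {
  plan_commands | while IFS= read -r cmd; do
    if [ "$DRY_RUN" = "1" ]; then echo "+ $cmd"; else $cmd; fi
  done
}

apply_plan
```

Reviewing the printed plan before running with DRY_RUN=0 makes it easy to see exactly which roles land at the organization and which stay scoped to the project.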
1. So, what is a Service Account?
A Service Account is a special kind of account used by an application (Terraform in this case) to make authorized API calls.
A Service Account is identified by its email address, which is unique to the account.
Two important differences between Service Accounts and User Accounts:
- Service Accounts don’t have passwords, and cannot log in via…