Make a google bucket using terraform and an account that can generate service tokens.

google.tokengen.tf

provider "google" {
  version = "~> 2.0, >= 2.5.1"
  alias   = "tokengen"
}
data "google_client_config" "default" {
  provider = "google.tokengen"
}
data "google_service_account_access_token" "sa" {
  provider               = "google.tokengen"
  target_service_account = "terraform@my-project-id.iam.gserviceaccount.com"
  lifetime               = "600s"
scopes = [
    "https://www.googleapis.com/auth/cloud-platform",
  ]
}
/******************************************
  GA Provider configuration
 *****************************************/
provider "google" {
  version      = "~> 2.0, >= 2.5.1"
  access_token = data.google_service_account_access_token.sa.access_token
  project      = "my-project-id"
}
/******************************************
  Beta Provider configuration
 *****************************************/
provider "google-beta" {
  version      = "~> 2.0, >= 2.5.1"
  access_token = data.google_service_account_access_token.sa.access_token
  project      = "my-project-id"
}
resource "google_storage_bucket" "test" {
  name     = "my-project-id-test-bucket"
  location = "us-west1"
}