fmachado091/spring-cloud-gcp-pubsub-example-create-service-account.sh

## spring-cloud-gcp-pubsub-example-create-service-account.sh
# create a new service account with a descriptive name
# I chose 'hello-spring-cloud-gcp-app' for mine, but it can be any name you like
# just know that a service account name must be between 6 and 30 characters (inclusive), must begin with
# a lowercase letter, and consist of lowercase alphanumeric characters that can be separated by hyphens.
$ gcloud iam service-accounts create hello-spring-cloud-gcp-app

# add the appropriate roles to your service account
# for more info on roles, check https://cloud.google.com/iam/docs/understanding-roles
# for our app, we only need the Pub/Sub Publisher and Subscriber roles

# setting these up just to improve readability of the following commands
PROJECT_ID=hello-spring-cloud-gcp
SERVICE_ACCOUNT_NAME=hello-spring-cloud-gcp-app

# add the Pub/Sub Publisher role
$ gcloud projects add-iam-policy-binding ${PROJECT_ID}\
    --member "serviceAccount:${SERVICE_ACCOUNT_NAME}@${PROJECT_ID}.iam.gserviceaccount.com"\
    --role "roles/pubsub.publisher"

# add the Pub/Sub Subscriber role
$ gcloud projects add-iam-policy-binding ${PROJECT_ID}\
    --member "serviceAccount:${SERVICE_ACCOUNT_NAME}@${PROJECT_ID}.iam.gserviceaccount.com"\
    --role "roles/pubsub.subscriber"

# download a key file containing your credentials
$ gcloud iam service-accounts keys create ${SERVICE_ACCOUNT_NAME}.json\
    --iam-account ${SERVICE_ACCOUNT_NAME}@${PROJECT_ID}.iam.gserviceaccount.com
	# create a new service account with a descriptive name
	# I chose 'hello-spring-cloud-gcp-app' for mine, but it can be any name you like
	# just know that a service account name must be between 6 and 30 characters (inclusive), must begin with
	# a lowercase letter, and consist of lowercase alphanumeric characters that can be separated by hyphens.
	$ gcloud iam service-accounts create hello-spring-cloud-gcp-app

	# add the appropriate roles to your service account
	# for more info on roles, check https://cloud.google.com/iam/docs/understanding-roles
	# for our app, we only need the Pub/Sub Publisher and Subscriber roles

	# setting these up just to improve readability of the following commands
	PROJECT_ID=hello-spring-cloud-gcp
	SERVICE_ACCOUNT_NAME=hello-spring-cloud-gcp-app

	# add the Pub/Sub Publisher role
	$ gcloud projects add-iam-policy-binding ${PROJECT_ID}\
	--member "serviceAccount:${SERVICE_ACCOUNT_NAME}@${PROJECT_ID}.iam.gserviceaccount.com"\
	--role "roles/pubsub.publisher"

	# add the Pub/Sub Subscriber role
	$ gcloud projects add-iam-policy-binding ${PROJECT_ID}\
	--member "serviceAccount:${SERVICE_ACCOUNT_NAME}@${PROJECT_ID}.iam.gserviceaccount.com"\
	--role "roles/pubsub.subscriber"

	# download a key file containing your credentials
	$ gcloud iam service-accounts keys create ${SERVICE_ACCOUNT_NAME}.json\
	--iam-account ${SERVICE_ACCOUNT_NAME}@${PROJECT_ID}.iam.gserviceaccount.com