Last active
November 21, 2022 21:43
-
-
Save midacts/303c2f38f08015be768480c0d17f01ab to your computer and use it in GitHub Desktop.
GCP Cloud Function Invocation by Service Account
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
############### | |
## VARIABLES ## | |
############### | |
SA='my-service-account' | |
PROJECT_ID='my-project-id' | |
FUNCTION_URL='my-func-url' | |
# Create the service account | |
gcloud iam service-accounts create $SA --project $PROJECT_ID | |
# Export service account credentials via JSON file | |
gcloud iam service-accounts keys create credentials.json \ | |
--iam-account $(SA)@$(PROJECT_ID).iam.gserviceaccount.com | |
# Run the function with service account credentials | |
# Run gcloud as the service account | |
gcloud auth activate-service-account --key-file=credentials.json | |
# Invoke the Cloud Function as your service account | |
curl -m 70 -X POST $(FUNCTION_URL) \ | |
-H "Authorization: bearer $(gcloud auth print-identity-token)" \ | |
-H "Content-Type: application/json" \ | |
-d '{ | |
"name": "Hello World" | |
}' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment