Set up ADC for on-premises or another cloud provider
Stay organized with collections
Save and categorize content based on your preferences.
If you are running your application outside of Google Cloud, you need to
provide credentials that are recognized by Google Cloud to
use Google Cloud services.
Workload Identity Federation
The preferred way to authenticate with Google Cloud using credentials from
an external IdP is to use Workload Identity Federation;
you create a credential configuration file and set the
GOOGLE_APPLICATION_CREDENTIALS environment variable to point to it. This
approach is more secure than creating a service account key.
If you are not able to configure Workload Identity Federation, then you must
create a service account, grant it the IAM roles that
your application requires, and create a key for the service account.
To create a service account key and make it available to ADC:
Create a service account with the roles your application needs, and a key
for that service account, by following the instructions in
Creating a service account key.
Set the environment variable GOOGLE_APPLICATION_CREDENTIALS
to the path of the JSON file that contains your credentials.
This variable applies only to your current shell session, so if you open
a new session, set the variable again.
Example: Linux or macOS
exportGOOGLE_APPLICATION_CREDENTIALS="KEY_PATH"
Replace KEY_PATH with the path of the JSON file that contains your credentials.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-01-30 UTC."],[],[]]
