Learn how to dynamically generate GCP service account tokens.
Self-Hosted Instance
Enable the IAM Service Account Credentials API
Navigate to IAM & Admin > Service Accounts in Google Cloud Console
Create a Service Account
Generate Service Account Key
Configure Your Instance
INF_APP_CONNECTION_GCP_SERVICE_ACCOUNT_CREDENTIAL
environment variable.Navigate to IAM & Admin > Service Accounts
Create Service Account
Configure Service Account Permissions
Enable Service Account Impersonation
[email protected]
If you’re using Infisical Cloud EU, use the following service account: [email protected]
If you’re self-hosting, follow the “Self-Hosted Instance” guide at the top of the page and then use service account you createdOpen Secret Overview Dashboard
Click on the 'Add Dynamic Secret' button
Select 'GCP IAM'
Provide the inputs for dynamic secret parameters
Click `Submit`
Generate dynamic secrets
Submit
button, a new secret lease will be generated and the credentials from it will be shown to you.