Reputation: 1177
How to use the Service Account credentials for SecretManagerServiceClient without using a json file
I am using the below code for accessing the service account credentials, Not sure Since the secret manager does not accept a credential in their Create(), So I tried the second approach as per https://cloud.google.com/docs/authentication/production#passing_code. What Am I doing wrong?
var text = File.ReadAllText(@"cred.json");
JObject credential = JObject.Parse(text);
SecretManagerServiceClientBuilder secretManagerServiceClientBuilder = new SecretManagerServiceClientBuilder()
{
JsonCredentials = o1,
};
SecretManagerServiceClient client = secretManagerServiceClientBuilder.Build();
// Create the client.
client = SecretManagerServiceClient.Create();
Upvotes: 2
Views: 2038
Answers (1)
Reputation: 1177
Found the solution -
Accessing the service account via code can be done in 2 ways -
Check if the API accepts the credentials in the create method like for the storage bucket, then use the first approach.
var credential = GoogleCredential.FromFile(jsonPath); var storage = StorageClient.Create(credential);If create() do not accept params then user the builder for that API Like SecretManagerServiceClientBuilder for the secret manager, KeyManagementServiceClientBuilder for KMS. Just replace the create part with the builder part.
var text = File.ReadAllText(@"cred.json"); SecretManagerServiceClientBuilder secretManagerServiceClientBuilder = new SecretManagerServiceClientBuilder() { JsonCredentials = text, }; SecretManagerServiceClient client = secretManagerServiceClientBuilder.Build(); SecretVersionName secretVersionName = new SecretVersionName(projectId, secretId, secretVersionId); // Call the API. AccessSecretVersionResponse result = client.AccessSecretVersion(secretVersionName); // Convert the payload to a string. Payloads are bytes by default. String payload = result.Payload.Data.ToStringUtf8();
Upvotes: 2
Related Questions
- is there a way to use your current credentials to assume a service account instead of having to use the json key?
- Loading Service account Json key file
- Google Cloud SecretManagerServiceClient() is not finding creds with .from_service_account_json() file
- Can someone else create Service account for me and pass me JSON key to set env variable GOOGLE_APPLICATION_CREDENTIALS?
- How to use non-default Google Service Account credentials with SecretManagerService in Google Cloud Function?
- GCP credentials json file that represents an anonymous user
- GoogleCredential created by json private key file (ServiceAccount) - how to set the User to impersonate?
- google service account authentication with json file in .net 4.0
- Passing Service Account Credential(JSON File) programmatically for BigQuery Service
- Google BigQuery Service Account Credentials using JSON file in C# application