Enable Service Account Key Creation
Last updated
Was this helpful?
Last updated
Was this helpful?
If you encounter difficulties creating a service account key for integration with your data transfer tool, you might see an error similar to this:
'The organization policy constraint "iam.disableServiceAccountKeyCreation" is enforced on your organization.'
To enable the creation of service account keys, please follow these steps:
In the main interface of your cloud management platform, open the navigation menu from the top left corner.
Go to 'IAM & Admin' and select 'IAM'.
Access the list of projects, typically set up during the initial domain configuration.
Identify and select the organizational unit associated with your domain.
Verify that the account you are logged in with, preferably an organization administrator's account, has the following roles assigned:
Organization Administrator
Organization Policy Administrator
Owner: If any roles are missing, proceed to grant access.
In the role management section, add any necessary roles and save the changes.
Return to the project context you selected earlier, and go to 'Organization Policies'.
View active policies and look for the policy that disables service account key creation. Select the policy to manage it.
Adjust the policy settings by choosing to override the parent policy and set enforcement to off.
These steps should guide you through resolving policy restrictions to enable service account key creation effectively.
