When you add a GCP cloud account, you use a private key for a GCP service account. If you need to delete this private key in GCP for security reasons, you can download a new key and update the GCP cloud account with the new key.
Access: | Views > Inventory > Infrastructure or Applications |
Available to: | Commander Roles of Superuser and Enterprise Admin |
- In the GCP console, download a new private key for the service account used to add the cloud account to Commander. To do so:
- Use the navigation menu to navigate to IAM & admin.
- In the header, select the project where the service account was created.
- In the left menu, select Service accounts.
- On the Service accounts page, select the service account whose private key you need to update.
- Click Edit.
- Click Create Key.
- In the dialog that appears, keep the default key type, JSON, and click Create.
- If your browser prompts you to save the file, save it to a known location.
A JSON file that contains your key will download to your computer. This is the only time when you can download this private key.
- Click Cancel to exit Edit mode.
- In Commander, from the Inventory tree, select the GCP cloud account, then select Actions > Edit Cloud Account.
- In the Edit Cloud Account dialog, for Private Key (JSON) File, browse to the location of the new private key.
Commander validates the file to ensure that it's a private key file in JSON format. If the file is valid, Commander displays the Client ID and the Client Email for this service account.
- Click OK.
Commander now uses the new private key for authentication.
- In the GCP Console, it's now safe to delete the private key that was originally used for the GCP cloud account.