本機的應用程式若要以GCP SDK操作GCP資源,可設定ADC憑證(Application Default Credentials)來達成。
範例環境:
- macOS Ventura 13.0.1
- zsh 5.8.1 (x86_64-apple-darwin22.0)
- Google Cloud SDK 417.0.1
事前要求
設定
在命令列輸入gcloud auth application-default login會在瀏覽器開啟登入頁面並要求允許權限。
% gcloud auth application-default login
Your browser has been opened to visit:
https://<log_in_and_grant_access_page_url>
Credentials saved to file: [/Users/<user>/.config/gcloud/application_default_credentials.json]
These credentials will be used by any library that requests Application Default Credentials (ADC).
WARNING:
Cannot add the project "<project-id-1>" to ADC as the quota project because the account in ADC does not have the "serviceusage.services.use" permission on this project. You might receive a "quota_exceeded" or "API not enabled" error. Run $ gcloud auth application-default set-quota-project to add a quota project.
點選[允許]。
設定完成後會在/Users/<user>/.config/gcloud($HOME/.config/gcloud)目錄下新增憑證檔application_default_credentials.json。
設定GOOGLE_APPLICATION_CREDENTIALS環境變數
接著設定環境變數GOOGLE_APPLICATION_CREDENTIALS的值為application_default_credentials.json的路徑,即GOOGLE_APPLICATION_CREDENTIALS=$HOME/.config/gcloud/application_default_credentials.json。
範例為zsh shell所以執行以下來設定環境變數。
% echo 'export GOOGLE_APPLICATION_CREDENTIALS=$HOME/.config/gcloud/application_default_credentials.json' >> ~/.zshenv
輸入echo $GOOGLE_APPLICATION_CREDENTIALS顯示值是否設定正確。
% echo $GOOGLE_APPLICATION_CREDENTIALS
/Users/user/.config/gcloud/application_default_credentials.json
沒有留言:
張貼留言