Become an expert in R — Interactive courses, Cheat Sheets, certificates and more!
Get Started for Free
Documentation
R
googleAuthR

gar_service_create

Work with service accounts via the API

Description

These functions let you create a service JSON key from an OAuth2 login. You can then assign it roles and do a one time download of a service account key to use for authentication in other Google APIs

Usage

gar_service_create(
  accountId,
  projectId,
  serviceName = "googleAuthR::gar_service_create",
  serviceDescription = "A service account created via googleAuthR"
)

gar_service_grant_roles(
  accountIds,
  roles,
  projectId,
  type = c("serviceAccount", "user", "group")
)

gar_service_get_roles(
  projectId,
  accountId = NULL,
  type = c("serviceAccount", "user", "group")
)

gar_service_key(
  accountId,
  projectId,
  file = paste0(accountId, "-auth-key.json")
)

gar_service_key_list(accountId, projectId)

gar_service_list(projectId)

gar_service_get(accountId, projectId)

Arguments

accountId

The service accountId
projectId

The projectId containing the service account
serviceName

Name of service account
serviceDescription

Description of service account
accountIds

A vector of accountIds in the form accountId@projectid.iam.gserviceaccount.com
roles

A character vector of roles to give the accountIds e.g. roles/editor - see list of roles here https://cloud.google.com/iam/docs/understanding-roles#predefined_roles or in your GCP console https://console.cloud.google.com/iam-admin/roles/details/roles
type

The type of accountId to add role for - e.g. user:mark@me.com or serviceAccount:accountId@projectid.iam.gserviceaccount.com
file

The file to download the private JSON key to

Details

It will download the existing roles, and append the role you add to it here.

If you supply an accountId to gar_service_get_roles then it will return only those roles that accountId has.

Value

If it already exists, returns it via gar_service_get, else creates the service key

See Also

Combine these functions to provision emails in one step with gar_service_provision

https://cloud.google.com/iam/docs/reference/rest/v1/projects.serviceAccounts.keys/create

Other IAM functions: gar_service_provision()

Examples

## Not run: 

# all roles
projectId <- gar_set_client(
                json = Sys.getenv("GAR_CLIENT_JSON"), 
                scopes = "https://www.googleapis.com/auth/cloud-platform")
gar_service_get_roles(projectId)

# roles for one accountId
gar_service_get_roles(
    projectId, 
    accountId = "1080525199262@cloudbuild.gserviceaccount.com")


## End(Not run)
## Not run: 
 library(googleAuthR)
 gar_set_client(scopes = "https://www.googleapis.com/auth/cloud-platform")
 gar_auth()
 gar_service_create("test12345678", "my-project")
 
 gar_service_get("test12345678@my-project.iam.gserviceaccount.com", 
                 projectId = "my-project")
 
 gar_service_grant_roles("test12345678@my-project.iam.gserviceaccount.com",
                         role = "roles/editor",
                         projectId = "my-project")
 
 gar_service_key("test12345678", "my-project", "my-auth.json")
 
 gar_service_list("my-project")
 
 gar_service_key_list("test12345678", "my-project")

## End(Not run)
googleAuthR

Authenticate and Create Google APIs

v1.4.0
MIT + file LICENSE
Authors
Mark Edmondson [aut, cre] (<https://orcid.org/0000-0002-8434-3881>), Jennifer Bryan [ctb], Johann deBoer [ctb], Neal Richardson [ctb], David Kulp [ctb], Joe Cheng [ctb]
Initial release

We don't support your browser anymore

Please choose more modern alternatives, such as Google Chrome or Mozilla Firefox.