Using service account keys to authenticate a service account is generally discouraged, but sometimes difficult to avoid. The most common way to use service account keys is to create a new key by using the Cloud Console or gcloud, and then to save the key file on the machine where it’s needed. That process sounds simple enough, but in reality it’s often more complex: There might be multiple persons involved: As the user deploying the application, you might lack the permission to create the...
