Introduction to the provisioning credential for Google Cloud
The provisioning credential for Google Cloud relies on a service account that can be assumed by CDP.
The following flow describes how the Google Cloud provisioning credential works:
- Your GCP account administrator creates a service account and assigns the minimum permissions allowing CDP to create and manage resources in your Google Cloud account. Next, the administrator generates a service account access key pair for the service account. The minimum permissions are described in Service account for the CDP provisioning credential.
- The service account is registered as a credential in CDP and its access key is uploaded to CDP.
- The credential is then used for registering your Google Cloud environment in CDP.
- Once this is done, CDP uses the credential for provisioning environment-related resources, workload clusters, and resources for other CDP services that you run in CDP.