[googlecomput]Is there any option to start a vm with an service account without its JSON file?

[kohei_k...@cetlog.jp]

Hi, there.

I'm reading https://www.packer.io/docs/builders/googlecompute.html to make a VM image on GCP and wondering how to specify the service account which is attached to the vm instance to make the image.

The document says that account_file option works for such a use case but, when it comes to a process running on a VM instance, any process has permission to use the instance default service account without any JSON key file and, I think, the packer process should also be able to use the service account without any JSON key file to start a VM.

Is there any good option or good practice to start an VM without specifying a JSON key file?

Best,

--

Kohei Kawasaki

[kohei_k...@cetlog.jp]

I found a solution for it.

Making a JSON whose content is {"client_email": "service...@my-project.iam.gserviceaccount.com} and providing Packer with the path as `account_file` works for me.