- If you're calling Google and Google Cloud APIs that require service account credentials, the Google Auth library for Node.js can get these credentials from the application default credentials, which are automatically populated in Cloud Functions.
I need to access Google Drive API from my Cloud Functions, and for this reason I deploy the key of a service account (the json file) that has access to Google Drive API, and I refer to it in the code.
According to the point above, I should not do it. Is that correct?
The solution would be either
- Add Google Drive API permission to the application default service account, or
- Use Google Secret Manager.
Is this correct, or am I missing something?
Have a good week,