Unable to create a service account key for app rel...

vrampello · 06-11-2024 12:27 AM

Hi everybody, before doing this post I gave a look around for some other posts about the topic, but I didn't manage to find anything similar. So basically as you can see from the title I need to generate a key for the release of an android app, and I have all the permission to do it, but when I try to enforce the policy iam.disableServiceAccountKeyCreation, I get the following error from the google api:

errorType: DATA_FETCHING_EXCEPTION

message: Permission 'orgpolicy.policies.create' denied on resource '//cloudresourcemanager.googleapis.com/projects/projectname-425010' (or it may not exist).

Do you have any idea why it might happen?

DamianS

Hello @vrampello ,Welcome on Google Cloud Community.

Your project is under Organization where Organization Policy constraint prevent keys creation. If you don't have organization in place, ergo you are not established / configured Organization, this Org Policy has been enforced by default as security standard by Google some time ago. This topic has been talked about a lot of times, so I've created medium.com post about this error and how to handle it.

article url: https://medium.com/google-cloud/troubleshooting-101-solving-the-service-account-key-creation-is-disa...

--
cheers,
DamianS
LinkedIn medium.com Cloudskillsboost

vrampello

thanks a lot man. that means I didn't do well my researches. I'll check your guide and have a nice day.

Unable to create a service account key for app release