GCP Service Account Auth Key

Bridgecrew Policy ID: BC_GIT_79Checkov Check ID: CKV_SECRET_79Severity: MEDIUM

GCP Service Account Auth Key


A Google Cloud Platform (GCP) service account auth key is a file that provides authentication credentials for a GCP service account. GCP service accounts are a way to authenticate and authorize applications and services running on GCP, and they can be used to access various GCP services, such as Cloud Storage, BigQuery, or Compute Engine.

Fix - Buildtime


To revoke the key

  1. Go to the GCP Console and navigate to the Service Accounts page.
  2. Find the service account associated with the auth key you want to revoke and click on it.
  3. Click on the "Keys" tab to see a list of all the auth keys associated with the service account.
  4. Find the auth key you want to revoke and click on the "Actions" button on the right side of the row.
  5. Select "Delete" from the dropdown menu.
  6. In the confirmation dialog that appears, click "Delete" to confirm the deletion of the auth key.