This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

How to use new service account key for the service account in GCP?

Posted on 03-26-2023 11:50 PM
shegde
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

Hi, 

I have created the new service account key and also updated the overrides.yaml file with new key.

after updating , i have disabled the old service account key for testing. But still the application and services are using the old service account key and throwed error. 

Help me with how to switch from old key t new key for service account 

0 3 344
Topic Labels
0 Likes
3 REPLIES 3

Posted on --/--/---- --:-- AM
ganadurai
Staff
Reply posted on --/--/---- --:-- AM

After updating overrides.yaml did you execute "apigeectl apply" ? You must check on the pods to confirm its recycled post  "apigeectl apply" (by checking the Age value on the "kubect get pods -n apigee" command)

Thanks

0 Likes

Posted on --/--/---- --:-- AM
shegde
Bronze 3
Bronze 3
In response to ganadurai
Reply posted on --/--/---- --:-- AM

yes , i have executed the apply command and the pods got restarted . after restarting also the services were using old key.. 

0 Likes

Posted on --/--/---- --:-- AM
ganadurai
Staff
In response to shegde
Reply posted on --/--/---- --:-- AM

How are you claiming the services are using the old key. 

Checkout the secrets ****-svc-account in the apigee namespace. If you look into the yaml descriptor of the secret, the value for key "private_key_id" will match to the SA key name in GCP.

The "apply" command will re-configure the kubernetes secrets "****-svc-account" with the contents of the GCP key file. This secret will be referenced within the pods.

Thanks

0 Likes
Top Solution Authors
View all