Automating tasks with gcloud
A large part of building effective development and operations workflows is automation. For repetitive tasks, automation means reducing toil and lowering the likelihood of making careless mistakes. Google is very big on task automation, and the need to automate tasks plays a big role in how Google approaches designing tools and services. The gcloud tool is often a central component for automating tasks involving Google Cloud Platform, and its developers have made sure that it fits this role well.
As mentioned earlier in this chapter, gcloud is capable of handling authorization via both user credentials and service accounts. When it comes to automation, service account authorization is the preferred method. This is true for a few reasons:
- User account authorization tokens expire
- A service account can be limited to permissions needed for a specific task
- Compromised service accounts are more easily rectified
A good first step when automating a task for GCP is to create...