
Rotating keys periodically is Google's recommended practice. As we know, we need a rotation key to automate the service account key. So is it possible to rotate the keys of multiple service accounts in a single project using a single rotator key for automation of key rotation?

Also, please suggest whether it is possible to rotate the keys of multiple service accounts from multiple projects using a single rotator key.

Please suggest a way if any.

Thanks in advance

John Hanley
Aniket Ghole
  • What is a **rotator key**? Do you mean an IAM identity with the privilege to manage service account keys? Google Cloud Service Account Keys are not rotated. A new key is created and the old key deleted, which emulates key rotation. The creation/deletion is a manual procedure per key. I am not aware of a Google-provided automation tool. Note: the distribution of the new service account key must be put into your procedure. The deletion step will render existing keys useless, breaking applications and services that use them. – John Hanley Sep 15 '21 at 07:41
  • Yes, right. The rotator key here is a new key that is created for automation of rotation. – Aniket Ghole Sep 15 '21 at 07:57
  • The creation/deletion is a manual procedure per key. – Serhii Rohoza Sep 20 '21 at 14:30
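
The create-then-delete sequence described in the comments, as an added example that is not part of the original thread: a planner that schedules a new key when a service account's newest user-managed key is too old, and deletes older keys only once a replacement has existed for a grace period. The function names, the 90-day and 7-day thresholds and the sample records are assumptions; the records are constructed and shaped like the IAM API's ServiceAccountKey fields.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample records (not real keys), using the ServiceAccountKey
# field names: name, keyType, validAfterTime.
SAMPLE_KEYS = [
    {"name": "projects/proj-a/serviceAccounts/app@proj-a.iam.gserviceaccount.com/keys/old1",
     "keyType": "USER_MANAGED", "validAfterTime": "2021-05-01T00:00:00Z"},
    {"name": "projects/proj-a/serviceAccounts/app@proj-a.iam.gserviceaccount.com/keys/sys1",
     "keyType": "SYSTEM_MANAGED", "validAfterTime": "2021-09-01T00:00:00Z"},
    {"name": "projects/proj-b/serviceAccounts/job@proj-b.iam.gserviceaccount.com/keys/new1",
     "keyType": "USER_MANAGED", "validAfterTime": "2021-09-10T00:00:00Z"},
    {"name": "projects/proj-b/serviceAccounts/job@proj-b.iam.gserviceaccount.com/keys/old2",
     "keyType": "USER_MANAGED", "validAfterTime": "2021-06-01T00:00:00Z"},
]

def parse_time(ts):
    """Parse an RFC 3339 UTC timestamp with second precision."""
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def plan_rotation(keys, now, max_age_days=90, grace_days=7):
    """Return ordered (action, target) steps for all accounts in `keys`.

    A delete is planned only when a newer key has existed for at least
    `grace_days`, so the new key can be distributed before old ones stop working.
    """
    by_account = {}
    for k in keys:
        if k["keyType"] != "USER_MANAGED":  # skip keys managed by Google
            continue
        account = k["name"].split("/keys/")[0]
        by_account.setdefault(account, []).append(k)

    steps = []
    for account, acct_keys in sorted(by_account.items()):
        acct_keys.sort(key=lambda k: parse_time(k["validAfterTime"]))
        newest_age = now - parse_time(acct_keys[-1]["validAfterTime"])
        if newest_age > timedelta(days=max_age_days):
            # Newest key is stale: create and distribute, delete on a later run.
            steps += [("create", account), ("distribute", account)]
        elif newest_age >= timedelta(days=grace_days):
            steps += [("delete", old["name"]) for old in acct_keys[:-1]]
    return steps
```

The `create` and `delete` steps correspond to `gcloud iam service-accounts keys create` and `gcloud iam service-accounts keys delete`; the `distribute` step stands for whatever delivers the new key to the applications that use it.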

0 Answers