Provide credentials using Application Default Credentials to authenticate your workloads across environments.
These different credentials do not have to authenticate the same user; logging in using gcloud auth login does not enable the ADC. I’ve written a blog post on this that goes into some more detail: Authentication on GCP: Application Default Credentials.
This command opens a browser to authenticate with your Google user account and stores the credentials for use only by the gcloud CLI. However, it does not configure Application Default Credentials (ADC), which means tools like Terraform, Python’s google-auth, and other SDKs will not pick up these credentials.
Learn how to set up and manage GCP Application Default Credentials for local development, including user credentials, service account keys, and service account impersonation.
For example, the GOOGLE_APPLICATION_CREDENTIALS environment variable can provide the default credential JSON as the input here, or the well-known path that gCloud uses to store the default user credential JSON.
Note: In production, using JSON keys is discouraged for security reasons. 2. User Credentials (via gcloud CLI) If the environment variable isn’t set, ADC looks for credentials created by the Google Cloud CLI. Usage: The standard for local development. Setup: You run gcloud auth application-default login.
Did you mean that I need to adjust the docker-compose.yaml file by adding another image and with type: bind, and write source and target pointing to application_default_credentials.json ?
In this tutorial we also covered how to create the required JSON credentials file, either by using user credentials or a Service Account, and how to set the GOOGLE_APPLICATION_CREDENTIALS environment variable to provide the location of the file.
Application Default Credentials (ADC) is a strategy in the Google Auth Library for Python that automatically finds the appropriate credentials for authenticating with Google Cloud services based on the application’s environment. This allows applications to run in multiple environments without code changes, simplifying development and deployment.