In this tutorial, we'll guide you through resolving the issue of the Service Account Key creation being disabled.




(Note: To achieve this, the account to be used must have an “Organization Policy Administrator” permissions. Using an Owner account is not enough. The instructions below include steps for assigning the required role, but you should also have administrative permissions such as Organization Admin and IAM Admin or an equivalent role with the necessary permissions to manage IAM roles and policies at the organizational level)


1. Click the dropdown menu.


2. Select the organization level. 


3. From the "Burger" menu, select [IAM & Admin] > IAM.


4. Click [Grant Access]. 


5. In [New Principals] Enter the account you are currently logged in with


6. In the [Role] select Organization Policy Administrator.


7. In the [Role] selector there is a filter that can be used to make this selection easier.


8. Click [SAVE]. 


9. Refer to Step 1 and switch the focus back to the project you created.


10. From the "Burger" menu, select [IAM & Admin] > [Organization policies]


11. From the list of organizational policies select [Disable service account key creation] - this is on the 2nd page of policies.


12. On the policy page click [Manage Policy]


13. Select [Override] parent's policy.


14. Add a rule and set enforcement off

15. Click [Set Policy].


16. Logout and back into the developer console.


Then, you should be able to proceed with creating service account keys.