No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

question - is there a programmatic way to provide pulumi GCP credentials as opposed to setting the env. export GOOGLE_CREDENTIALS ect ? Additionally is it possible to use a service account token with pulumi ?

Aside from `gcloud auth application-default login` ?

did you check out the <https://www.pulumi.com/registry/packages/gcp/installation-configuration/|config docs>?

&gt; Contents of a file that contains your service account private key in JSON format. You can download your existing Google Cloud service account file from the Google Cloud Console, or you can create a new one from the same page. Credentials can also be specified using any of the following environment variables (listed in order of precedence): `GOOGLE_CREDENTIALS`, `GOOGLE_CLOUD_KEYFILE_JSON`, `GCLOUD_KEYFILE_JSON`. The `GOOGLE_APPLICATION_CREDENTIALS` environment variable can also contain the path of a file to obtain credentials from. If no credentials are specified, the provider will fall back to using the Google Application Default Credentials. If you are running Pulumi from a GCE instance, see <https://cloud.google.com/compute/docs/access/create-enable-service-accounts-for-instances|Creating and Enabling Service Accounts for Instances> for details.

hey! thanks for the response. I did use this and it works but what I am trying to do is have pulumi create a list of service accounts (via cloudbuild) and then utilize those service accounts to build infrastructure per SA. I am wondering if there is a way to give pulumi a short lived token or credential to build per SA.