Zero-Key GCP Setup: Binding a Service Account to Compute Engine for Vertex AI
June 2, 2026 • 6 min read
If you're running Indexu on Google Compute Engine, you can skip JSON key files entirely. By binding a service account directly to your VM, authentication happens automatically through the metadata server — no keys to store, rotate, or leak.
Why Service Binding Is Better Than JSON Keys
When you attach a service account to a GCE instance, the VM inherits that identity. Any process running on the VM can automatically authenticate using Google's Application Default Credentials (ADC) — no key file needed.
| JSON Key File | Service Binding (GCE) | |
|---|---|---|
| Secret to manage | JSON key file on disk or in env vars | None |
| Rotation | Manual key rotation required | Automatically handled by GCP |
| Leak risk | Key can be used from anywhere | Tied to the VM — useless elsewhere |
| Access revocation | Delete the key in IAM | Detach from VM or stop the instance |
| Works outside GCP? | Yes | No — VM must run on GCE |
Bottom line: If Indexu is deployed on GCE (or Cloud Run, GKE, App Engine), service binding is always the preferred method. Reserve JSON keys for deployments outside Google Cloud.
Step 1: Create the Scoped Service Account
The service account setup is identical to the JSON key approach — same least-privilege roles, same scope. The difference is how the VM uses it.
- Go to IAM & Admin → Service Accounts
- Click Create Service Account
- Name it
indexu-vertexai-gce - Assign exactly these roles:
| Role | What It Grants |
|---|---|
roles/aiplatform.user |
Access Vertex AI models for prediction |
roles/storage.objectUser |
Read/write objects in Cloud Storage buckets |
Click Done. Do not create any keys — you won't need them.
Step 2: Bind the Service Account to Your VM
Service account binding happens at the VM instance level. You have two options:
Option A: Set During VM Creation
When creating a new Compute Engine instance via the console:
- Expand the Identity and API access section
- Under Service account, select your
indexu-vertexai-gceaccount - Under Access scopes, choose Set access for each API
- Set Cloud Storage to Read Write
- Click Create
Option B: Update an Existing VM
If the VM is already running, you can update it via the gcloud CLI:
gcloud compute instances set-service-account INSTANCE_NAME \ --service-account=indexu-vertexai-gce@PROJECT_ID.iam.gserviceaccount.com \ --scopes=cloud-platform,storage-rw \ --zone=us-central1-a
The cloud-platform scope grants broad API access, but the service account's IAM roles still enforce the actual permissions. The effective access is the intersection of the VM's access scopes and the service account's IAM roles.
Scope tip: Using cloud-platform at the VM level and letting IAM roles control the actual permissions is the recommended pattern. It avoids scope conflicts and keeps IAM as the single source of truth for what the account can do.
Step 3: How Authentication Works (No Config Needed)
Once the service account is bound, authentication is fully automatic. Here's what happens under the hood:
- Your application code calls a Google Cloud API (Vertex AI or Storage)
- The Google client library detects it's running on GCE
- It queries the metadata server at
http://metadata.google.internal - The metadata server returns a short-lived OAuth 2.0 access token for the bound service account
- The client library attaches this token to the API request
You can verify this works by SSHing into your VM and running:
# Fetch an access token from the metadata server curl "http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/token" \ -H "Metadata-Flavor: Google"
This returns a JSON response with an access_token field — the same token the client libraries use automatically.
Indexu-specific: If Indexu detects the GOOGLE_APPLICATION_CREDENTIALS environment variable is not set, it automatically falls back to ADC — which on GCE means the metadata server. No configuration is required on your end beyond binding the service account.
Step 4: Set Up Vertex AI Quotas
Quota setup is the same regardless of how you authenticate. If you haven't already requested quota, do it now:
- Go to IAM & Admin → Quotas and search for Vertex AI
- Request increases for these metrics:
| Quota | Recommended |
|---|---|
| LLM online prediction requests per minute | 100 |
| Base model online prediction tokens per minute | 300,000 |
| Online prediction requests per minute | 60 |
| Concurrent online prediction requests | 5 |
Select each quota row, click Edit Quota, enter your desired limit, and provide a brief justification. Approval typically takes a few hours.
Step 5: Firewall and Network Considerations
Since your VM is the only entity that can use this service account, network security is simpler. However, there are a few things to check:
Egress Firewall Rules
Your GCE instance needs outbound access to these Google API endpoints:
aiplatform.googleapis.com(Vertex AI)storage.googleapis.com(Cloud Storage)oauth2.googleapis.com(token endpoint)metadata.google.internal(metadata server — always accessible internally)
If you use restrictive egress rules, make sure these endpoints are allowed. The easiest path is to allow outbound HTTPS (tcp:443) to 0.0.0.0/0 for your VM's subnet — Google APIs are internet-facing.
Private Google Access (Optional but Recommended)
For an extra layer of security, enable Private Google Access on your VPC subnet. This routes API traffic through Google's backbone instead of the public internet:
- Go to VPC network → VPC networks
- Click your VPC, then the subnet your VM is in
- Set Private Google Access to On
With this enabled, your VM never needs a public IP or internet gateway for Google API traffic.
Cost note: API traffic through Private Google Access does not incur egress charges, unlike traffic that goes out through a public IP. It's both more secure and cheaper.
Step 6: Verify the Setup
SSH into your GCE instance and run these tests to confirm everything is wired correctly:
# 1. Confirm the service account identity
gcloud auth list
# Expected: indexu-vertexai-gce@PROJECT_ID.iam.gserviceaccount.com (active)
# 2. Test Vertex AI access via the metadata token
ACCESS_TOKEN=$(curl -s "http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/token" \
-H "Metadata-Flavor: Google" | python3 -c "import sys,json; print(json.load(sys.stdin)['access_token'])")
curl -s -X POST \
-H "Authorization: Bearer $ACCESS_TOKEN" \
-H "Content-Type: application/json" \
"https://us-central1-aiplatform.googleapis.com/v1/projects/PROJECT_ID/locations/us-central1/publishers/google/models/gemini-2.5-flash:streamGenerateContent" \
-d '{"contents":[{"role":"user","parts":[{"text":"Say hello"}]}]}'
# 3. Test Cloud Storage access
gsutil ls gs://your-bucket-name/
# 4. Verify no key file is needed
echo $GOOGLE_APPLICATION_CREDENTIALS
# Expected: (empty)
If all three succeed and GOOGLE_APPLICATION_CREDENTIALS is empty, your setup is complete and fully keyless.
Summary
With service account binding, you've achieved a setup that is:
- Keyless — no JSON file to store, rotate, or protect
- Scoped — only
aiplatform.userandstorage.objectUserpermissions - VM-bound — credentials are inherently tied to the instance and can't be used elsewhere
- Zero-config — Indexu picks up the service account automatically via ADC
This is the recommended setup for any Indexu deployment running on Google Compute Engine. Compared to the JSON key approach, it eliminates the most common security concern — leaked credentials — while requiring less ongoing maintenance.
Need help deploying Indexu on GCE?
Contact us and we'll help you configure the instance, service account, and networking for a production-ready setup.