GCP IAM - Service Account Key Creation

Fixing the policy that blocks service account key creation in GCP

🔍 Why This Happens

If you’re getting this error when creating a service account key, it’s likely because your organization has a policy that blocks key creation. In the past, an admin had to enforce this for it to take effect, but Google Cloud has now made it the default behavior.

✅ What You Need to Do

To re-enable service account key creation:

  • Go to IAM & Admin in your GCP console

  • Select Organization Policies

  • Click View Constraints

  • Find the policy “Disable service account key creation”

  • Open the Actions menu (three dots)

  • Click Edit Policy

  • Change the policy status to Not Enforced.

Once updated, you’ll be able to create service account keys again.
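
The same change from the command line, as an added example that is not part of the original page: it sets the constraint behind “Disable service account key creation” (`iam.disableServiceAccountKeyCreation`) to not enforced for a single project rather than the whole organization, then prints the effective policy to confirm. The project ID is whatever you pass in, the function names are made up for this example, and the script assumes an authenticated `gcloud` whose account holds the Organization Policy Administrator role.

```shell
#!/bin/sh
# Added example (not from the original page): project-scoped override of the
# "Disable service account key creation" organization policy.
# Usage: sh allow-sa-keys.sh apply <project-id>   (script name is hypothetical)

CONSTRAINT="iam.disableServiceAccountKeyCreation"

# Project IDs: 6-30 chars, lowercase letters/digits/hyphens, start with a
# letter, no trailing hyphen. Rejecting anything else keeps stray input out
# of the generated policy file.
valid_project_id() {
  printf '%s' "$1" | grep -Eq '^[a-z][a-z0-9-]{4,28}[a-z0-9]$'
}

# Print the policy YAML that turns enforcement off for ONE project only.
render_policy() {
  valid_project_id "$1" || { echo "invalid project id: $1" >&2; return 1; }
  cat <<EOF
name: projects/$1/policies/$CONSTRAINT
spec:
  rules:
  - enforce: false
EOF
}

# Write the policy to a temp file, apply it, then show the effective result.
apply_policy() {
  policy_file=$(mktemp) || return 1
  render_policy "$1" > "$policy_file" || { rm -f "$policy_file"; return 1; }
  gcloud org-policies set-policy "$policy_file"
  rc=$?
  rm -f "$policy_file"
  [ "$rc" -eq 0 ] || return "$rc"
  # Confirm what the project actually inherits after the change.
  gcloud org-policies describe "$CONSTRAINT" --project="$1" --effective
}

# Only touch GCP when explicitly asked to.
if [ "${1:-}" = "apply" ] && [ -n "${2:-}" ]; then
  apply_policy "$2"
fi
```

Scoping the override to the one project that needs a key leaves the constraint enforced everywhere else in the organization.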