Enabling APIs within projects
In this we will learn about Enabling APIs within projects.
However, when an API requires an API key and the API is associated with a Google Cloud project that you don’t have access to, you have the following options to obtain an API key:
- Firstly, Ask a member of the Google Cloud project to create an API key for you.
- Secondly, Ask a member of the Google Cloud project to grant you access to the project so that you can create an API key in the same project that the API is associated with.
- Lastly, Ask a member of the Google Cloud project to grant you access to enable the API in your own Google Cloud project so that you can create an API key.
Enabling an API
If you used option 3 and asked someone to grant you access to enable the API. Then, follow the steps below to enable the API in your own Google Cloud project.
To enable an API:
- Firstly, in the Cloud Console, go to APIs & services for your project.
- Secondly, on the Library page, click Private APIs. If you don’t see the API listed, that means you haven’t been granted access to enable the API.
- Then, click the API you want to enable. If you need help finding the API, use the search field.
- Lastly, on the page that displays information about the API, click Enable.
Granting and revoking access to the API
Granting access
- Firstly, in the Cloud Console, go to the Endpoints > Services page for your project.
- Secondly, if you have more than one API, click the name of the API.
- Thirdly, if the Permissions side panel isn’t open, click +Permissions.
- Fourthly, in the Add members box, enter the email address of a user, service account, or Google Group.
- Then, in the Select a role drop-down, click Service Management, and select one of the following roles:
- Service Consumer: This role contains the permissions for a non-project member to view and enable the API in their own project.
- Service Controller: This role contains the permissions to make calls to the check and report methods in the Service Infrastructure API during runtime.
- Next, Service Config Editor: This role contains the minimum permissions that Service Management requires to deploy an Endpoints configuration to an existing service.
- Service Management Administrator: This role contains the permissions in the Service Config Editor, Service Consumer, and Service Controller roles, plus the permissions required to grant access to this API.
- After that, to add the member to the specified IAM role, click Add.
- Now, repeat adding members and selecting the role, as needed.
- Lastly, The Service Management roles don’t allow users to access the Endpoints > Services page in the Cloud Console. However, if you want users to be able to access the Endpoints > Services page. Then, you must grant them the Project Viewer role or a higher role on the project.
Revoking access
To revoke access to your API, remove the IAM role from the member who previously had the role.
- Firstly, in the Cloud Console, go to the Endpoints > Services page for your project.
- Secondly, if you have more than one API, click the name of the API.
- Thirdly, if the Permissions side panel isn’t open, click +Permissions.
- Next, locate the member for whom you want to revoke access. You can either click the applicable Role card to see a list of members, or you can enter a name or role in the Search members box.
- After that, click Delete delete.
Reference: Google Documentation
Are you preparing for Google Associate Cloud Engineer exam?Take a Quiz