Skip to main content

Dreaded iam.disableServiceAccountKeyCreation error

  • June 6, 2025
  • 2 replies
  • 67 views
J
Forum|alt.badge.img+1

I am running into the Service Account Key Creation Error. I have tried just about everything:

Here is the error: 

Here are the permissions:

Here are the policy mods:

It make no difference if we enforce or not enforce the override.

What am I missing?

Thanks

Jeff

    2 replies

    vaskenh
    Staff
    Forum|alt.badge.img+13
    • vaskenh
    • Staff
    • June 8, 2025

    Hi @JeffFlowers , in this scenario when you check the larger list of Organizational Policies (the page from the final screenshot), do you see a similarly-named one called iam.disableServiceAccountKeyCreation

    When I look at your screenshot, the policy that is being highlighted in the error on the first screen is actually this policy (the one I highlight in bold above) rather than the similarly-named one called iam.managed.disableServiceAccountKeyCreation which definitely looks disabled just like you pointed out.

    Can you take another look in the Organization Policies and verify that the exact policy mentioned in the error is also disabled?

      M
      Forum|alt.badge.img+4
      • MustacheBronze 3
      • Bronze 3
      • June 17, 2025

      Was this solved? If so, it would be helpful if you marked the answer 🙂 

       

      Thanks!

       

        Terms & ConditionsCookie settingsAccessibility statement
        Privacy Policy Terms of Service Gen AI Policy Community Guidelines Cookie Settings

        © 2025 Google. All rights reserved.