A Service Account is an identity you create within your Root User account that has specific permissions. It shares some similarities with an IAM User Account. To clarify, both Service Accounts and IAM User Accounts are identities with permission policies that define what they can and cannot do with Greennode AI Platform resources. However, a Service Account is used by an application or machine, not a person, to make authorized API calls and access specific resources.

Step 1: Create a Service Account

To create a new Service Account:

1. Access the IAM Console: https://iam.console.greennode.ai/
2. Click on "Service account" in the left menu.
3. Click "Create service account."
4. Enter the Service Account information, including name and optional description.
5. Attach the necessary policies.
6. Review the settings and click "Create service account" in the upper right corner.
7. Save the Client Secret Key information.

Tip: Be sure to save the Client Secret somewhere safe, as it is only displayed once.

Step 2: Assigning Permissions to a Service Account

To attach policies to a Service Account:

1. Access the IAM - Service Account page at: https://iam.console.greennode.ai/service-accounts
2. Log in as the Root User or a User Account with appropriate permissions. You will need to provide your username/email and password.
3. Search for the Service Account by entering its name in the search bar and selecting the correct result.
4. By default, you will see the "Permissions" tab on the Service Account details page.
5. Click the "Attach Policies" button, and a window will pop up containing all policies.
6. Search for existing policies by entering the exact policy name in the search bar.
7. Select the policies from the search results and click the "Attach" button in the lower right corner of the popup window.
8. Your Service Account will now have all the permissions contained in the attached policies.

Step 3: Managing Service Account Credentials

A Service Account includes credentials (Client ID and Secret Key). You need to store the Secret Key or download it after creating the Service Account. However, you can also recreate the Secret Key at any time.

1. Access the Service account page in the IAM Console: https://iam.console.greennode.ai/service-accounts
2. Log in as the Root User or a User Account with appropriate permissions. You will need to provide your username/email and password.
3. Search for the Service Account by entering its name in the search bar and selecting the correct result from the list.
4. Click the "Security credentials" tab in the Service Account details. You will see information as shown below, and you can perform the following actions:
   1. Copy the Client ID.
   2. Reset the Client Secret and remember to save the new Secret.
   3. Activate/Deactivate the Service Account by changing the Status.

Step 4: Deleting a Service Account

You can delete a Service Account by following these two options:

1. Delete multiple Service Accounts at once:
   • Access IAM with the Root User Account.
   • Click on "Service account" in the left menu.
   • Select the Service Accounts you want to delete (a "Delete" button will be enabled in the upper right corner when you select at least one account).
   • Click the "Delete" button. A confirmation dialog will appear to ensure you are not deleting the wrong accounts. Then, click the "Confirm" button to complete the process.
2. Delete a single Service Account: We recommend accessing the details of the Service Account and deleting it from there to ensure you are not deleting the wrong account.