This guide helps you verify that your Fleet Engine authorization setup is
complete, and that you can create a trial delivery vehicle. This guide uses
the gcloud command line utility to test
authorization token signing and delivery vehicle creation.
To complete this process, replace the fields below with the data you created as part of the setup:
| Field | Replace with |
|---|---|
| PROJECT_ID | Your Cloud project ID. |
| SERVICE_ACCOUNT_EMAIL_ADDRESS | The email address of a service account you've created with the
roles/fleetengine.deliverySuperUser role. See
IAM Roles
for details.
|
| DELIVERY_VEHICLE_ID | A random ID for a delivery vehicle. The ID can contain a maximum of 64 characters. |
Use the
gcloudutility to log into the Google Cloud account and set the currently active project on your workstation:gcloud auth login gcloud config set project PROJECT_IDCreate a JSON Web Token (JWT) claim for delivery vehicle creation:
cat > claim.jwt << EOM { "iss": "SERVICE_ACCOUNT_EMAIL_ADDRESS", "sub": "SERVICE_ACCOUNT_EMAIL_ADDRESS", "aud": "https://fleetengine.googleapis.com/", "iat": $(date +%s), "authorization": { "deliveryvehicleid": "DELIVERY_VEHICLE_ID" } } EOMUse
gcloudto sign this JWT:gcloud beta iam service-accounts sign-jwt claim.jwt output.jwt \ --iam-account=SERVICE_ACCOUNT_EMAIL_ADDRESSThe signed JWT is stored in
output.jwt.Refer to the
gcloudcommand line guide for more details.Use
curlto create a test delivery vehicle on Fleet Engine:curl -X POST "https://fleetengine.googleapis.com/v1/providers/PROJECT_ID/deliveryVehicles?deliveryVehicleId=DELIVERY_VEHICLE_ID" \ -H "Content-type: application/json" \ -H "Authorization: Bearer $(cat output.jwt)" \ --data-binary @- << EOM { "name": "providers/PROJECT_ID/deliveryVehicles/DELIVERY_VEHICLE_ID" } EOMThis command should print the name of the delivery vehicle as output. If you see the following text, your setup is successful!
{ "name": "providers/PROJECT_ID/deliveryVehicles/DELIVERY_VEHICLE_ID" }See Create a vehicle in the Fleet Engine documentation for details.