diff --git a/awx/main/models/credential/injectors.py b/awx/main/models/credential/injectors.py index 945077851a..6bb4c7936f 100644 --- a/awx/main/models/credential/injectors.py +++ b/awx/main/models/credential/injectors.py @@ -19,8 +19,9 @@ def gce(cred, env, private_data_dir): project = cred.get_input('project', default='') username = cred.get_input('username', default='') - env['GCE_EMAIL'] = username - env['GCE_PROJECT'] = project + if 'INVENTORY_UPDATE_ID' not in env: + env['GCE_EMAIL'] = username + env['GCE_PROJECT'] = project json_cred = { 'type': 'service_account', 'private_key': cred.get_input('ssh_key_data', default=''), diff --git a/awx/main/models/inventory.py b/awx/main/models/inventory.py index 057c99f325..82b1455fa2 100644 --- a/awx/main/models/inventory.py +++ b/awx/main/models/inventory.py @@ -1912,13 +1912,14 @@ class PluginFileInjector(object): # some sources may have no credential, specifically ec2 if credential is None: return injected_env + if self.base_injector in ('managed', 'template'): + injected_env['INVENTORY_UPDATE_ID'] = str(inventory_update.pk) # so injector knows this is inventory if self.base_injector == 'managed': from awx.main.models.credential import injectors as builtin_injectors cred_kind = inventory_update.source.replace('ec2', 'aws') if cred_kind in dir(builtin_injectors): getattr(builtin_injectors, cred_kind)(credential, injected_env, private_data_dir) elif self.base_injector == 'template': - injected_env['INVENTORY_UPDATE_ID'] = str(inventory_update.pk) # so injector knows this is inventory safe_env = injected_env.copy() args = [] credential.credential_type.inject_credential( 
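Review bot: The new `if 'INVENTORY_UPDATE_ID' not in env:` guard in the builtin `gce` injector switches behaviour on the presence of a key in the same dict that carries the outgoing environment, and nothing in the function says so. Any caller that seeds `env` with that key, deliberately or not, silently stops receiving `GCE_EMAIL` and `GCE_PROJECT`. The only hint is the trailing comment `# so injector knows this is inventory` in the `PluginFileInjector` hunk of inventory.py, which now applies to the 'managed' path as well as 'template'. I would add a comment above the guard such as `# INVENTORY_UPDATE_ID is set by PluginFileInjector for inventory updates; those read project/email from the creds file, so skip the legacy env vars`, and extend the inventory.py comment to name the builtin injectors as consumers. The body of `gce()` continues outside the hunk, so how the credentials file is written and returned is not visible here.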
@@ -2327,6 +2328,12 @@ class gce(PluginFileInjector): def get_script_env(self, inventory_update, private_data_dir, private_data_files): env = super(gce, self).get_script_env(inventory_update, private_data_dir, private_data_files) + cred = inventory_update.get_cloud_credential() + # these environment keys are unique to the script operation, and are not + # concepts in the modern inventory plugin or gce Ansible module + # email and project are redundant with the creds file + env['GCE_EMAIL'] = cred.get_input('username', default='') + env['GCE_PROJECT'] = cred.get_input('project', default='') env['GCE_ZONE'] = inventory_update.source_regions if inventory_update.source_regions != 'all' else '' # noqa # by default, the GCE inventory source caches results on disk for @@ -2367,8 +2374,6 @@ class gce(PluginFileInjector): credential = inventory_update.get_cloud_credential() # auth related items - from awx.main.models.credential.injectors import gce as builtin_injector - ret['service_account_file'] = builtin_injector(credential, {}, private_data_dir) ret['projects'] = [credential.get_input('project', default='')] ret['auth_kind'] = "serviceaccount" @@ -2414,11 +2419,6 @@ class gce(PluginFileInjector): ret['zones'] = inventory_update.source_regions.split(',') return ret - def get_plugin_env(self, inventory_update, private_data_dir, private_data_files): - # gce wants everything defined in inventory & cred files - # this explicitly turns off injection of environment variables - return {} - class vmware(PluginFileInjector): # plugin_name = 'vmware_vm_inventory' # FIXME: implement me diff --git a/awx/main/tests/data/inventory/plugins/gce/env.json b/awx/main/tests/data/inventory/plugins/gce/env.json index f18da63d1c..91d08e70ee 100644 --- a/awx/main/tests/data/inventory/plugins/gce/env.json +++ b/awx/main/tests/data/inventory/plugins/gce/env.json 
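Review bot: In the added lines of `gce.get_script_env`, `cred = inventory_update.get_cloud_credential()` is dereferenced immediately by `cred.get_input(...)` with no None check, whereas the base-class code in the earlier inventory.py hunk returns early on `if credential is None`. Whether a gce inventory update can reach this method without a cloud credential is not visible in the diff. If it can, the call fails with an AttributeError instead of yielding an environment without the legacy variables. Wrapping the two assignments in `if cred is not None:` would keep the subclass consistent with the base class. The method body continues past the end of the hunk.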
@@ -1,3 +1,4 @@ { - "ANSIBLE_TRANSFORM_INVALID_GROUP_CHARS": "never" + "ANSIBLE_TRANSFORM_INVALID_GROUP_CHARS": "never", + "GCE_CREDENTIALS_FILE_PATH": "{{ file_reference }}" } \ No newline at end of file diff --git a/awx/main/tests/data/inventory/plugins/gce/files/file_reference b/awx/main/tests/data/inventory/plugins/gce/files/GCE_CREDENTIALS_FILE_PATH similarity index 100% rename from awx/main/tests/data/inventory/plugins/gce/files/file_reference rename to awx/main/tests/data/inventory/plugins/gce/files/GCE_CREDENTIALS_FILE_PATH diff --git a/awx/main/tests/data/inventory/plugins/gce/files/gcp_compute.yml b/awx/main/tests/data/inventory/plugins/gce/files/gcp_compute.yml index 7192bf8647..17ee2f3b62 100644 --- a/awx/main/tests/data/inventory/plugins/gce/files/gcp_compute.yml +++ b/awx/main/tests/data/inventory/plugins/gce/files/gcp_compute.yml @@ -44,7 +44,6 @@ plugin: gcp_compute projects: - fooo retrieve_image_info: true -service_account_file: {{ file_reference }} use_contrib_script_compatible_sanitization: true zones: - us-east4-a