GCP Service Account
Jump to navigation
Jump to search
A GCP Service Account is a cloud service account for Google GCP (used to authenticate and authorize actions in GCP services programmatically).
- Context:
- It can (typically) be created within a GCP Project.
- It can (typically) be assigned GCP IAM Roles (for controlling access to GCP services).
- It can (typically) be used in conjunction with API Keys and OAuth Tokens for accessing Google Workspace products programmatically.
- It can be used by applications or workloads for making authorized API calls in Google Cloud Platform.
- It can be identified by its unique email address.
- It can be associated with various roles to access Google Cloud resources, much like regular user accounts.
- It can act as the identity for the GCP Service, rather than individual users.
- It can range from being a User-Managed GCP Service Account or being a Google-Managed GCP Service Account, depending on who is responsible for the service account.
- It can be listed in a GCP Service Account Console Report [1].
- …
- Example(s):
my-service-account@my-project.iam.gserviceaccount.com
.app-engine-service-account@appspot.gserviceaccount.com
.vertex-ai-and-bucket@mdable-ml.iam.gserviceaccount.com
.- ...
- Counter-Example(s):
- A GCP User Account.
- An AWS IAM Role.
- A GCP API Key used without a service account for authentication.
- …
- See: GCP Account, GCP IAM Role, Google Cloud IAM, Google Workspace Automation, Programmatic GCP Access.