Roshan
Reputation: 143
Difference between Google managed service account and default service account in GCP
I've been reading the Google Cloud documentation and can't exactly figure out what the difference between these two are. I know that both of them are automatically created in GCP, but I really don't know much more.
Upvotes: 2
Views: 2535
Answers (1)
guillaume blaquiere
Reputation: 75715
You aren't alone, and that's why google has started a new video series on this topic. To summarize,
- The Google managed service account are account created on Google side (managed by Google, you can't delete them) but that you can grant on your project to allow them to perform actions. They are also named service agent. They are used when you used serverless product, such as Cloud Build for example, or Cloud Run (to pull the image, not to run the instance)
- The default service account (mainly Compute Engine default service account and App Engine default service account) are service account created automatically in YOUR project (so managed by you, you can delete them if you want) when you activate some APIs. They are used by default when you create some service's instance.
Upvotes: 3
Related Questions
- GCP default service accounts best security practices
- What are the differences between GCP service accounts and user accounts?
- GCP Authentication OAuth vs Service Accounts
- What is significant difference in GCP default service account & custom service account?
- Does gce's default service account enable when I set my service account?
- What is the difference between service account and service agent in GCP
- Scope of Service Account in GCP
- GCP service accounts use case
- Google Cloud Service Account VS. End User Account
- Service accounts inconsistencies