Deleted default Compute Engine service account prevents creation of GKE Autopilot Cluster

Question

For some reason it seems my project no longer has a default Compute Engine service account. I might of deleted some time ago and forgotten.

That's fine, as I usually assign specific service accounts when needed and rarely depend on the default one.

However, I am now trying to create an Autopilot GKE cluster, and I continue to get the annoying error:

Service account "1673******-compute@developer.gserviceaccount.com" does not exist.

In the advanced options there is no possibility to select another service account.

I have seen other answers on StackOverflow regarding recreating the default account. I have tried those answers, as well as attempting to undelete. So far I have not had success with any.

How can I do one of the following:

1. Create a new default Compute Engine service account

2. Tell GKE which service account to use when creating an Autopilot cluster

Answer 1

When creating your cluster you just need to add this flag to specify your own SA

--service-account=XXXXXXXX

eg

gcloud beta container --project "xxxxxx" clusters create-auto "autopilot-cluster-1" --region "us-central1" --release-channel "regular" --network "projects/xxxxxxx/global/networks/default" --subnetwork "projects/xxxxxx/regions/us-central1/subnetworks/default" --cluster-ipv4-cidr "/17" --services-ipv4-cidr "/22" --service-account=xxxxxxxxxxxxx.iam.gserviceaccount.com