Investigating the usage of GCP Service Accounts
Service accounts on Google Cloud are used when a workload needs to access resources or perform actions without end-user involvement. There are multiple ways to authenticate as a service account, including attaching the service account to a Google Compute Engine instance, impersonating the service account, or using the service account with a key file -- an option which should be carefully considered. A common objective is to achieve keyless service account architectures on Google Cloud, but this can be difficult across an entire organization. There are a number of reasons why teams may opt to generate service account keys, ranging from developer validation [...]