Re: GCP service account is limited to access Googl…

Update:

I just got an email from the Trust and Safety team about something else that explains what’s going on:

“Enforce access controls using Cloud IAM Policies via the following steps:

  1. Create a service account to access data from your users’ Google Cloud Platform project. You may want to create a service account for each customer to avoid confused deputy problems.
  2. Instruct your customers to grant this service account appropriate access to their Cloud data via IAM Policies.”

So basically what they’re saying is that we should have one service account per user. That wasn’t a requirement before, but it seems that now they’re reinforcing it.

I had no idea we could have multiple accounts for the same thing. We’ll try this approach and see what happens.
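An added illustration of the confused deputy problem the quoted email refers to; it is not part of the original post or of Google's guidance. It is a toy model of IAM bindings rather than the Cloud IAM API, and the account naming scheme, `vendor-project` and the tenant names are assumptions.

```python
"""Toy model: shared vs. per-customer service account (all data constructed)."""
from dataclasses import dataclass, field

@dataclass
class Project:
    owner: str                                   # customer that owns the project
    bindings: set = field(default_factory=set)   # service accounts granted access

class Integration:
    """The vendor backend (the potential deputy) acting on customers' projects."""
    def __init__(self, per_customer: bool):
        self.per_customer = per_customer

    def sa_for(self, customer: str) -> str:
        # Hypothetical naming scheme; any stable one-to-one mapping works.
        name = f"cust-{customer}" if self.per_customer else "shared"
        return f"{name}@vendor-project.iam.gserviceaccount.com"

    def read(self, caller: str, project_id: str, projects: dict) -> bool:
        """Act for `caller` on a project id the caller supplied.

        The policy check sees only the service account identity, never the
        end customer, so a shared account cannot tell callers apart.
        """
        return self.sa_for(caller) in projects[project_id].bindings

def onboard(integration: Integration, customers: list) -> dict:
    """Step 2 of the email: each customer grants the account they were given."""
    projects = {}
    for c in customers:
        p = Project(owner=c)
        p.bindings.add(integration.sa_for(c))
        projects[f"{c}-data"] = p
    return projects

def cross_tenant_reads(integration: Integration, customers: list) -> list:
    """Return (caller, project) pairs where a caller reaches another owner's data."""
    projects = onboard(integration, customers)
    return [(c, pid) for c in customers for pid, p in projects.items()
            if p.owner != c and integration.read(c, pid, projects)]

if __name__ == "__main__":
    tenants = ["alice", "bob"]  # constructed tenant names
    print("shared account:      ", cross_tenant_reads(Integration(False), tenants))
    print("per-customer account:", cross_tenant_reads(Integration(True), tenants))
```

With one shared account, every customer's grant is a grant to the same identity, so isolation depends entirely on the vendor's own request validation; with one account per customer, the customer's IAM policy enforces it.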