I have a bunch of gcloud and firebase predefined service accounts and I have to know which one calls a cloud function triggered by a cloud task so that I can give the cloud function invoker role. Is that possible or do I have to generate a new service account?
You should be able to specify the service account that Cloud Tasks uses to invoke when queueing the task (see these docs):
{
httpRequest: {
httpMethod: 'POST',
url,
oidcToken: {
serviceAccountEmail: '<your-sa>@<your-project>.iam.gserviceaccount.com',
},
},
}