Where can I see the PubSub service account?
The PubSub service account is service-<PROJECT_NUMBER>@gcp-sa-pubsub.iam.gserviceaccount.com
The command described here to create an IAM policy binding succeeds, which shows that the service account exists.
But it does not appear in
- the list of service accounts in the console
https://console.cloud.google.com/iam-admin/serviceaccounts?project=<PROJECT>(screenshot below) - nor in the IAM permissions list
https://console.cloud.google.com/iam-admin/iam?project=<PROJECT>, even when I check "Include Google-provided role grants" - nor in the output of
gcloud iam service-accounts list --project <PROJECT>.
Where can I see this service account listed?
The service-<PROJECT_NUMBER>@gcp-sa-pubsub.iam.gserviceaccount.com is a Google managed service account, therefore, you can see it in the list YOUR PROJECT service accounts.
In addition, you have granted this service account on a TOPIC resource and not on a PROJECT resource. Therefore, when you go on the iam-admin page, you can see the service account at the PROJECT ressource.
Anyway, you could be able to view it in the iam-admin page by checking Include Google-provided role grants
Because you have granted the service account at TOPIC resource level, you can see it in the TOPIC page
Go to the topic page, check a topic and go to the right-hand panel, in the permission section and look at the role that you grant on the service account. You will find it
- How to make the server backend of a mobile app?
- How to use GCP Backend Bucket with regional subnet using terraform
- 403 iam.serviceAccounts.actAs permission error trying to attach a service account to a resource in another project
- Cloud Run: mounting volume timed out: The NFS server may not be reachable or may not exist
- Migration from Container Registry to Artifact Registry for App Engine Standard Deployments
- Google Cloud: Access to image has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource
- Im creating a VM using terraform code in GCP. I would like to inject a script that runs when the vm is created upon startup
- QUOTA_EXCEEDED : Exceeded daily quota for email sign-in in spite of using my SMTP settings
- How do I add share drive access to a google service account
- google.cloud namespace import error in __init__.py
- difference between docker BRIDGE and HOST driver?
- How can I connect an externally hosted MySQL database to BigQuery?
- Issue when trying to register an app for consent screen in google oauth
- Google Cloud Platform Trace from Cloud Function Invocation to Cloud Run HttpRequest
- Google OAuth 2 Error 400: redirect_uri_mismatch but redirect uri is compliant and already registered in Google Cloud Console
- Firebase Firestore timestamp not allowed inside array
- Why am I not able to get the env var values from google secret manager?
- changing image repository from Container Registry to Artifact Registry
- ALS (Alternating Least Square) algorithm in multiple rankings for a user
- Unable to connect to Gemini / Vertex AI
- How can I get Firebase Authentication ID tokens to work with Google Cloud Identity Platform so they get validated?
- How to identify the storage space left in a persistent volume claim?
- Cloud Run container stops processing when running parallel FastAPI background tasks
- GCP Cloud Storage - Golang aws sdk2 - Upload file with s3 INTEROPERABILITY Creds
- Creating folders using GCP PHP Client Libraries
- GKE Fluent bit partial logs
- Data loading and transformation from gcs to bigquery
- How to forcefully stop an operation on GKE cluster and thereby delete GKE cluster?
- Apache Beam with Dataflow: flag 'ignore_unknown_columns' for WriteToBigQuery not working
- Google Speech to Text - Not Getting the transcription | SOLVED