What is significant difference in GCP default service account & custom service account?
I have associated a custom service account to the VM. When I execute this
curl "http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/" -H "Metadata-Flavor: Google"
command from the VM, I am getting two service accounts.
From Google Cloud Platform UI/web I can see only one service account associated with the VM.
The permission granted to the [email protected]/ is getting reflected for the default service account.
What is the significant difference between these two service accounts?
Can we associate multiple service accounts to the VM?
Both entries in the metadata are the same service account.
default is an alias for the actual service account email address. That way you do not need to know the service account assigned to the service, which would require knowing or hardcoding the service account email address.
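
The alias relationship described in the answer can be checked by grouping the metadata entries by the email they resolve to. The following is an added example, not part of the original answer. It assumes the listing is requested with `?recursive=true` so each entry comes back as JSON with `aliases`, `email` and `scopes` fields; the sample response and the `custom-sa@example-project` address are constructed.

```python
import json
import urllib.request

METADATA_URL = ("http://metadata.google.internal/computeMetadata/v1/"
                "instance/service-accounts/?recursive=true")

# Constructed sample of the recursive listing (not captured from a real VM).
SAMPLE = json.loads("""
{
  "default": {
    "aliases": ["default"],
    "email": "custom-sa@example-project.iam.gserviceaccount.com",
    "scopes": ["https://www.googleapis.com/auth/cloud-platform"]
  },
  "custom-sa@example-project.iam.gserviceaccount.com": {
    "aliases": ["default"],
    "email": "custom-sa@example-project.iam.gserviceaccount.com",
    "scopes": ["https://www.googleapis.com/auth/cloud-platform"]
  }
}
""")


def fetch_listing(url=METADATA_URL, timeout=2):
    """Query the metadata server; only works from inside a GCE VM."""
    req = urllib.request.Request(url, headers={"Metadata-Flavor": "Google"})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.load(resp)


def distinct_identities(listing):
    """Group metadata entries by the email they resolve to.

    Returns {email: {"names": sorted entry names, "scopes": sorted scopes}}.
    """
    identities = {}
    for name, entry in listing.items():
        email = entry.get("email", name)
        ident = identities.setdefault(email, {"names": set(), "scopes": set()})
        ident["names"].add(name)
        ident["names"].update(entry.get("aliases", []))
        ident["scopes"].update(entry.get("scopes", []))
    return {e: {k: sorted(v) for k, v in i.items()} for e, i in identities.items()}


if __name__ == "__main__":
    for email, info in distinct_identities(SAMPLE).items():
        print(email, "is reachable as", info["names"])
```

On a VM, pass `fetch_listing()` instead of `SAMPLE`; a single key in the result means every role granted to that email also applies to any workload that requests credentials through `default`.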