
GCP-IAM - How to grant access to all service accounts in organization?

When using GCP with cloud identity, we have a special group which includes all users of the organization (all from cloud identity directory). It is perfect to give access to all users in the projects. However, it doesn't include the service accounts in projects.

My question is, is there any special group to include all service accounts which exist in the organisation and in their projects?

Describing the use case: We have some agents which we need to install in our compute engine instances. So, we would like to store the installers in a central bucket, and give permission in that bucket to all service accounts in our organization (with a special group permission, not handling each individual service account in the bucket...).

Thanks.

Regards, Vasco Silva

Vasco Silva asked Nov 30 '25 14:11


1 Answer

You can use Google groups, which use a collection of user and/or service accounts. Once this is done, add the service accounts to the Google group and then assign the necessary IAM roles to the Google group.

Jason Gawrych answered Dec 07 '25 23:12
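
The steps in the answer above, written out as `gcloud` commands for the installer-bucket use case; this is an added example, not part of the original answer. The group address, bucket name and both account lists are constructed placeholders, and the script only prints the commands so the plan can be reviewed. It also lists group members that are not service accounts, since every member inherits the bucket role.

```shell
#!/bin/sh
# Added example; every name and address below is a constructed placeholder.
GROUP="all-service-accounts@example.com"
BUCKET="gs://example-agent-installers"
ROLE="roles/storage.objectViewer"   # read-only access to objects

# Constructed sample: service accounts that must be able to read the installers.
WANTED="agent-vm@proj-a.iam.gserviceaccount.com
123456789012-compute@developer.gserviceaccount.com
batch@proj-b.iam.gserviceaccount.com"

# Constructed sample: current members of the group.
CURRENT="agent-vm@proj-a.iam.gserviceaccount.com
alice@example.com"

# Print each line of $1 that is not an exact line of $2.
not_in() {
  printf '%s\n' "$1" | while IFS= read -r m; do
    [ -n "$m" ] || continue
    printf '%s\n' "$2" | grep -qxF -- "$m" || printf '%s\n' "$m"
  done
}

# Members that are not service accounts: they would inherit the bucket role too.
non_service_accounts() {
  printf '%s\n' "$1" | grep -v 'gserviceaccount\.com$' || true
}

# Emit the gcloud commands instead of running them, so the plan can be reviewed.
plan() {
  not_in "$WANTED" "$CURRENT" | while IFS= read -r sa; do
    echo "gcloud identity groups memberships add --group-email=$GROUP --member-email=$sa"
  done
  # One binding on the group replaces per-account bindings on the bucket.
  echo "gcloud storage buckets add-iam-policy-binding $BUCKET --member=group:$GROUP --role=$ROLE"
}

plan
echo "# review before granting: $(non_service_accounts "$CURRENT")"
```

Group membership is explicit, so service accounts created later have to be added to the group before they can read the bucket.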