Learning - April 2021
April 2021

Google Cloud Platform Service Accounts

It seems like I’m looking for some general overview of how roles are managed, viewed, compared, and inherited.

How can you tell if a users (or a service accounts) roles are adequate, or too much or too little for a particular task? And what’s the difference between a user having some roles, and a user using a service account that has those roles.

It would also be nice to have some kind of adversarial test, that would identify how/if users or service accounts can create identities with more flexible permissions that their own.

These short videos are good, but they’re not a complete solution. I’m not sure where to look next.


Based on Jeff Geerlings book. There are 15 episodes. Jeff seems like a great guy. I’m going to try listen to one of these each day.


This is also a very useful article. I made notes from it in another post.


  • Good for local development. (Especially when on aeroplanes?)
  • Not as good for cloud providers as Terraform.
  • No more snowflake servers.