google-cloud-platformgoogle-compute-enginegoogle-iam

What are the differences between GCP service accounts and user accounts?


I wanted to use a service account to manage VM instances on GCE remotely. It did not work. Therefore this question. One difference I found between a service account and a user account, after many hours of trial-error, is that there seems no way to use a service account to ssh in to a VM instance.

What are the other differences?

Links I found related to my question:

  1. https://groups.google.com/forum/#!topic/gce-discussion/Z6OMpVhvowQ
  2. Logging into google compute engine with a service account

Solution

  • By design, service accounts in Google are meant for non human users. They are a type of account used by resources in your google project (i.e. compute engine service account, app engine service account and etc).

    Service accounts are designed as a type of account that is used by your Google cloud resources to communicate with other Google cloud services i.e. GCE to App Engine to Cloud Function or App Engine to google APIS like: vision API, speech to text...), or App Engine to Cloud SQL, etc.

    You may refer to google documentation here for more details: