Using Console
Using CLI
<project-id>
with your GCP project ID and <service-account-email>
with the email address of the service account that you want to remediate.roles/iam.serviceAccountTokenCreator
role assigned to it. If yes, then it needs to be removed.
roles/iam.serviceAccountTokenCreator
role from the service account:
<project-id>
with your GCP project ID and <service-account-email>
with the email address of the service account that you want to remediate.roles/iam.serviceAccountTokenCreator
role has been removed from the service account by running the command in step 4 again.Using Python
<path_to_service_account_key_file>
, <service_account_user_email>
and <project_id>
with the appropriate values.