> For the complete documentation index, see [llms.txt](https://docs.forestall.io/fsprotect/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.forestall.io/fsprotect/gcp-identities/service-accounts.md).

# Service Accounts

The `Service Accounts` page provides a list of enumerated Service Accounts in GCP.

## Service Accounts Details

The Details page includes the `Details` tab, and a `Visualize` button for enhanced navigation and analysis.

{% hint style="info" %}
You can analyze objects in the `Graph module` by clicking the `Visualize` button on the upper left side.
{% endhint %}

<figure><img src="/files/8h3aKxIr7pITAzML6st4" alt=""><figcaption><p>Service Account Details</p></figcaption></figure>

## Information

The Details tab contains attributes about the GCP Service Account. Risk and Exposure scores are displayed at the top of the page, along with privilege badges such as **Tier 0** and **Privileged**. An **Issues** panel on the right lists detected security findings.

| Attribute          | Description                                                                                                                               |
| ------------------ | ----------------------------------------------------------------------------------------------------------------------------------------- |
| Display Name       | The human-readable name of the service account (e.g., `Forestall Privileged`).                                                            |
| Service Account ID | The full email-format identifier of the service account (e.g., `forestall-privileged@management-project-486413.iam.gserviceaccount.com`). |
| Name               | The full resource name of the service account.                                                                                            |
| Parent Project     | The GCP project this service account belongs to.                                                                                          |
| Unique ID          | The unique numeric identifier of the service account.                                                                                     |
| Email              | The email address associated with the service account, used for IAM bindings.                                                             |
| Description        | A text description of the service account's purpose.                                                                                      |
| Disabled           | Indicates whether the service account is currently disabled.                                                                              |
| OAuth2 Client ID   | The OAuth2 client ID associated with the service account, used for authentication flows.                                                  |

### Service Account Keys

List all **Service Account Keys** binded to that service account.


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.forestall.io/fsprotect/gcp-identities/service-accounts.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.