Ensure GKE node pools do not use default service accounts

This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Description

The service account running the nodes in a cluster should have the principle of least privilege applied. Without a minimally privileged service account, the impact during a node comprise could be much worse.

Remediation

Follow the documentation from Google Cloud’s Harden your cluster’s security article to configure a non-default service account for your Cluster’s nodes.