- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
The Compute Engine default service account is associated with your Google Cloud project and attached by default to Compute Engine virtual machines, unless you explicitly assign another service account on virtual machine creation, to provide credentials to applications running on the instance.
Depending on your organization policy configuration, the default service account automatically grants the Editor role on your project. The permissions in the Editor role let you create and delete resources for most Google Cloud services within your Google Cloud project.
Datadog recommends reducing the permissions attached to the Compute Engine default service account to the minimum required for it to fulfill its function. To remediate the issue, remove the Editor role binding from the Compute Engine default service account on the project resource, and create a new role binding with the required permissions for your Compute Engine virtual machines.