deleted-compute-engine-default-service-account

[Tomáš Stanko]

Hello, 

we accidentally deleted default service account and now we are unable to deploy API’s from Marketplace which works with Compute Engine.

Is there a way to restore our deleted default compute engine service account please ? 

(account was deleted more then 30 days ago)

Tomáš Stanko.

[Pambos Charalambous]

Hi,

Try this?

https://stackoverflow.com/questions/36908749/deleted-compute-engine-default-service-account

Regards,

Pambos

[Fady (Google Cloud Platform)]

Answering Tomáš' question, if you deleted it more than 30 days, you can not recover it. If the marketplace solutions need the default service account, maybe creating a fresh project would be an alternative.  

The rest of my answer below is a further clarification about recovering the account within 30 days:

 

Pambos provided a very good link. However, the first answer is outdated. To recover the service account (within 30 days), you would need to find it's unique ID using Cloud Logging. An easy way is to use the following command in Cloudshell (or locally if you have the SDK installed and initialized)

gcloud logging read --freshness=30d --format='table(timestamp,resource.labels.email_id,resource.labels.project_id,resource.labels.unique_id)' \

'protoPayload.methodName="google.iam.admin.v1.DeleteServiceAccount" resource.type="service_account" logName:"cloudaudit.googleapis.com%2Factivity"'

And then use the unique ID from the output in the recovery command:

 gcloud beta iam service-accounts undelete ACCOUNT_ID