gce/Vm Has A Service Account

Verifies the existence of a service account for the Ops Agent to use.

Product: Compute Engine
Step Type: AUTOMATED STEP

Description

This investigation only happens from the perspective googleapis and user provided input. We don’t look inside the VM for cases like GOOGLE_APPLICATION_CREDENTIALS. User will have to know and specify that if They are using the application

Failure Reason

Ops agent in {full_resource_path} doesn’t have a service account to use when exporting logs/metrics.

Failure Remediation

Follow [1] to attach an active service account to this GCE Instance. Read more on how to properly authorize ops agent.

[1] https://cloud.google.com/compute/docs/instances/change-service-account#changeserviceaccountandscopes

[2] https://cloud.google.com/stackdriver/docs/solutions/agents/ops-agent/authorization#authorize_with_an_attached_service_account

Success Reason

Ops agent in {full_resource_path} has {sa} to use when exporting logs/metrics