Why am I getting authentication events when the IAM recommendation shows that the roles of the service account are not used?


I am new to Google Cloud. I am trying to minimize the roles of service accounts to improve security. The role assigned to my SA is Compute Viewer, but the recommendation shows that these are excessive roles and have not been used for 90 days.

But when I opened Metrics Explorer, it shows that the SA has authentication events for every date until now. Now I am confused: if the SA is being authenticated, which role is it using, as the only role (Compute Viewer) has not been used for 90 days?

The SA belongs to a bastion host.

1

There is 1 best solution below

5
On BEST ANSWER

The warning means that the service account has permissions that have not been used. The message does not mean that the "service account" has not been used.

Tip: A Bastion Host should not have any permissions except for logging (Stackdriver Logging and Stackdriver Monitoring).
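
One way to act on the tip, as an added example that is not part of the original answer: rewrite the project IAM policy JSON (the document `gcloud projects get-iam-policy --format=json` returns) so the bastion's service account keeps only logging and monitoring write roles. The project, account names and etag are constructed, and mapping the tip to `roles/logging.logWriter` and `roles/monitoring.metricWriter` is an assumption.

```python
import copy
import json

# Assumption: these two roles stand in for the tip's "logging only" permissions.
LOGGING_ROLES = ("roles/logging.logWriter", "roles/monitoring.metricWriter")

BASTION_SA = "bastion@example-project.iam.gserviceaccount.com"  # constructed
SAMPLE_POLICY = {  # constructed sample policy
    "version": 1,
    "etag": "CONSTRUCTED_ETAG",
    "bindings": [
        {"role": "roles/compute.viewer", "members": [f"serviceAccount:{BASTION_SA}"]},
        {"role": "roles/logging.logWriter",
         "members": ["serviceAccount:app@example-project.iam.gserviceaccount.com"]},
        {"role": "roles/viewer",
         "members": ["user:alice@example.com", f"serviceAccount:{BASTION_SA}"]},
    ],
}

def roles_of(policy, sa_email):
    """Sorted list of roles a service account holds in the policy."""
    member = f"serviceAccount:{sa_email}"
    return sorted(b["role"] for b in policy.get("bindings", []) if member in b["members"])

def restrict_to_logging(policy, sa_email, keep_roles=LOGGING_ROLES):
    """Return (new_policy, removed_roles); the input policy is left untouched."""
    member = f"serviceAccount:{sa_email}"
    new = copy.deepcopy(policy)  # etag is preserved so concurrent edits are detected
    bindings, removed = [], []
    for b in new.get("bindings", []):
        if member in b["members"] and b["role"] not in keep_roles:
            b["members"] = [m for m in b["members"] if m != member]
            removed.append(b["role"])
        if b["members"]:  # drop bindings that end up with no members
            bindings.append(b)
    for role in keep_roles:
        # Reuse only an unconditional binding; never alter a conditional one.
        target = next((b for b in bindings
                       if b["role"] == role and "condition" not in b), None)
        if target is None:
            target = {"role": role, "members": []}
            bindings.append(target)
        if member not in target["members"]:
            target["members"].append(member)
    new["bindings"] = bindings
    return new, sorted(set(removed))

if __name__ == "__main__":
    updated, dropped = restrict_to_logging(SAMPLE_POLICY, BASTION_SA)
    print("removed:", dropped)
    print(json.dumps(updated, indent=2))
```

The resulting JSON can be saved to a file and applied with `gcloud projects set-iam-policy PROJECT_ID FILE`. Authentication events for the account will continue afterwards, since the VM still obtains tokens to write logs and metrics.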