Service Accounts
Service accounts represent non-human machine users, like applications or deployment pipelines, that require programmatic access to a discreet set of secrets. Service accounts are used to:
Appropriately scope the selection of secrets a machine user has access to.
Issue access tokens to facilitate programmatic access to, and the ability to decrypt, secrets.
Secrets that your user account has access to are listed in the primary Secrets Manager view as well as by selecting Service accounts from the navigation:

Opening a service account will list the Secrets and People the service account has access to, as well as any generated Access tokens:

To create a new service account:
Use the New dropdown to select Service account:
New service account Enter a Service account name and, in the Access section, type or select the name of the project(s) that this service account should be able to access.
備考
For the beta, service accounts will be restricted to read-only access to projects.
Adding organization members to a service account will allow those people to generate access tokens for the service account and interact with all secrets the service account has access to. To add people to your service account:
In the service account, select the People tab.
From the people dropdown, type or select the members or groups to add to the project. Once you've selected the right people, select the Add button:
Add people to a service account
During the beta, all members will be given Can read, write access to a service account and associated secrets when assigned.
Adding projects to a service account will allow programmatic access to included secrets using access tokens. You can add both new and existing projects to a service account:
To add existing projects to your service account:
In the service account, select the Projects tab.
From the Projects dropdown, type or select the project(s) to add to the service account. Once you've chosen the right projects, select the Add button:
Add a project
備考
For the beta, service accounts will be restricted to read-only access to projects.
To add a new service account for this project:
Use the New dropdown to select Service account:
New service account Enter a Service account name and, in the Access section, type or select the name of the project(s) that this service account should be able to access.
備考
For the beta, service accounts will be restricted to read-only access to projects.
To delete a service account, use the () options menu for the service account to delete to select Delete service account. Deleting a service account will not delete the secrets associated with it. Service accounts are fully removed once deleted and do not get sent to the trash like secrets do.