How can get list of multiple - GCP projects assigned under one service account ? ( GCP )( python-client library files)

Question

I am trying to list the projects which are assigned under the service account file ( credentials.json ).

Below: by following this method i have added multiple project under one service account

And then I have generated the key (ie) credientials.json file from the project B as mentioned in above image.

I checked inside the credientials.json: But that service account has only project name. it doesn't have the project A name.

Even though i applied this credientials.json file to my code its showing only the project B name. it does't showes the project A name.

if the service account co.neting method is wrong please correct me

Here is my code

import os
import google.auth
credential_path = r'c:test\credientials.json'
os.environ['GOOGLE_APPLICATION_CREDENTIALS'] = credential_path
credentials,project = google.auth.default()
print(credentials)
print(project)

Answer 1

On Google Cloud, the IAM permission are resource centric (a project is a resource, like a Cloud Functions or a VM) and not account centric (as AWS is).

Therefore, you can't know all the resources granted on an account, but you have to browse ALL the resource and to check if the account is authorized on it.

Because it's boring, you can use Cloud Asset Inventory search IAM policies to make this task easier