Google API Private Access Private Google Access is configured at the subnet level and allows subnetworks to access GCP services privately. The resources in the subnet can access Google services without an external IP, for eg: Cloud storage, Youtube, etc. It offers better security as the exposure to outside networks is reduced, thereby minimizing the possibilities of data interception and attacks. Google cloud service accounts These accounts are used for service-to-service authentication. For eg: an application in compute engine can use a service account to access a storage account Two types of service accounts - Google-managed service accounts & user-managed service accounts In Google-managed service accounts, the private and public keys are managed by Google. Each key can be used for a max of two weeks. Private keys of google managed keys are never directly accessible and the platform itself manages the key rotation process With user-managed keys, only public keys...