Here’s how to create a firewall rule that allows traffic from one service account to another.

<pre lang="bash">
gcloud compute firewall-rules create "firewall-name" \
--description="firewall-description" \
--priority "1000" \
--direction INGRESS \
--action allow \
--network "network-name" \
--source-service-accounts="service@account.net" \
--target-service-accounts="service@account.net" \
--rules tcp:9001
</pre>

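Instead of --source-ranges, the rule uses --source-service-accounts, so the source is matched by the sending instance’s service account rather than by an IP range.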
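To check which ingress rules in a project really are service-account scoped, the following added example (not part of the original post) classifies rules from the JSON that `gcloud compute firewall-rules list --format=json` emits. The sample rules and the category names are constructed for illustration; the field names are those of the Compute Engine firewall resource.

```python
import json

# Constructed sample, shaped like `gcloud compute firewall-rules list --format=json`.
SAMPLE = json.loads("""[
 {"name": "sa-to-sa", "direction": "INGRESS",
  "sourceServiceAccounts": ["service@account.net"],
  "targetServiceAccounts": ["service@account.net"],
  "allowed": [{"IPProtocol": "tcp", "ports": ["9001"]}]},
 {"name": "sa-or-anywhere", "direction": "INGRESS",
  "sourceServiceAccounts": ["service@account.net"],
  "sourceRanges": ["0.0.0.0/0"],
  "targetServiceAccounts": ["service@account.net"],
  "allowed": [{"IPProtocol": "tcp", "ports": ["9001"]}]},
 {"name": "range-only", "direction": "INGRESS",
  "sourceRanges": ["10.0.0.0/8"],
  "allowed": [{"IPProtocol": "tcp", "ports": ["9001"]}]},
 {"name": "egress-default", "direction": "EGRESS",
  "destinationRanges": ["0.0.0.0/0"],
  "allowed": [{"IPProtocol": "all"}]}
]""")

ANY_SOURCE = {"0.0.0.0/0", "::/0"}

def classify(rule):
    """Say how an enabled ingress allow rule identifies its source (None if out of scope)."""
    if rule.get("direction") != "INGRESS" or rule.get("disabled") or not rule.get("allowed"):
        return None
    ranges = rule.get("sourceRanges", [])
    accounts = rule.get("sourceServiceAccounts", [])
    # sourceRanges and sourceServiceAccounts are OR-ed together, so an
    # any-address range makes the rule open even if service accounts are listed.
    if ANY_SOURCE & set(ranges):
        return "open-range"
    if accounts and ranges:
        return "service-account-or-range"
    if accounts:
        # Without targetServiceAccounts (or target tags) the rule applies to every instance.
        return "service-account" if rule.get("targetServiceAccounts") else "service-account-any-target"
    return "ip-range" if ranges else "other"

def audit(rules):
    """Map rule name -> source classification for every in-scope rule."""
    return {r["name"]: kind for r in rules if (kind := classify(r)) is not None}

if __name__ == "__main__":
    for name, kind in audit(SAMPLE).items():
        print(f"{name}: {kind}")
```

To run it against a real project, replace SAMPLE with the parsed output of the gcloud list command.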