You can monitor the success or failure of a service account in GCP.
gcloud policy-intelligence query-activity \ --activity-type=ACTIVITY_TYPE \ --project=PROJECT_ID \ --limit=LIMIT |
The two options you can use for ACTIVITY_TYPE are:
- serviceAccountKeyLastAuthentication
- serviceAccountLastAuthentication