I am working with an application that automates helm chart installation into a GKE cluster. The application uses an IAM Service Account to connect to the cluster. When the application runs the `helm install` command, it does not specify the `-n` flag to set the namespace where the chart should be installed in. In turn it relies on the `current-context` of a kubeconfig file (for example in OpenShift) in order to deploy the chart in that namespace. Unfortunately there is no `current-context` in the IAM Service Account key and all helm deployments go into the `default` namespace since that's the natural behavior of the `helm install` command when `-n` isn't specified.
Is there any way to bind an IAM Service Account to a specific GKE namespace?
Note that I tried the instructions in this link to restrict the IAM Service Account access to a specific namespace, but this doesn't solve the problem since essentially all this does is restrict access to the default namespace from an authorization standpoint, which is not the same thing as `current-context`.
Hello tshayan,
Have you considered enabling Workload Identity on the GKE cluster?
The Identity Namespace, which is statically defined in the Cluster Edit UI, maps the Kubernetes service account name to a virtual GCP service account handle used for Identity & Access Management (IAM) binding (more on this below). You can check this documentation for reference.
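As an added example (not code from the question or the reply above), the script below models how helm 3 picks a namespace when `-n` is absent: the `--namespace` flag, then the `HELM_NAMESPACE` environment variable, then the namespace stored on the kubeconfig's current-context, and finally `default`, which is exactly the fall-through the question describes. The kubeconfig, project and cluster names are constructed; Workload Identity changes which identity the workload authenticates as, not this namespace resolution.

```python
import json
import os

# Constructed sample (not from the thread): a kubeconfig as generated for a
# service-account login. It names a current-context but that context carries
# no "namespace" key, which is why helm falls through to "default".
SA_KUBECONFIG = json.loads("""
{"apiVersion": "v1", "kind": "Config",
 "current-context": "gke_example-project_us-central1_demo",
 "contexts": [{"name": "gke_example-project_us-central1_demo",
               "context": {"cluster": "gke_example-project_us-central1_demo",
                           "user": "gke_example-project_us-central1_demo"}}],
 "clusters": [], "users": []}
""")


def context_namespace(kubeconfig):
    """Namespace recorded on the current-context, or None if it has none."""
    current = kubeconfig.get("current-context")
    for ctx in kubeconfig.get("contexts", []):
        if ctx.get("name") == current:
            return ctx.get("context", {}).get("namespace")
    return None


def effective_namespace(kubeconfig, flag_namespace=None, env=None):
    """Model helm 3's precedence: -n/--namespace flag, HELM_NAMESPACE,
    the current-context's namespace, then the literal "default"."""
    env = os.environ if env is None else env
    if flag_namespace:
        return flag_namespace
    if env.get("HELM_NAMESPACE"):
        return env["HELM_NAMESPACE"]
    return context_namespace(kubeconfig) or "default"


def set_context_namespace(kubeconfig, namespace):
    """Pin a namespace on the current-context, the equivalent of
    `kubectl config set-context --current --namespace=<ns>`; returns a copy."""
    cfg = json.loads(json.dumps(kubeconfig))  # cheap deep copy
    for ctx in cfg["contexts"]:
        if ctx["name"] == cfg["current-context"]:
            ctx.setdefault("context", {})["namespace"] = namespace
    return cfg


if __name__ == "__main__":
    print(effective_namespace(SA_KUBECONFIG, env={}))            # default
    pinned = set_context_namespace(SA_KUBECONFIG, "charts-prod")
    print(effective_namespace(pinned, env={}))                    # charts-prod
```

Pinning the namespace on the context (or exporting `HELM_NAMESPACE` in the automation's environment) is what makes an un-flagged `helm install` land somewhere other than `default`; IAM bindings alone only decide whether that install is permitted.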