🔥 Service Accounts for Firebase Got Removed – Nee...

emanuelweinsjo · 02-12-2025 01:45 AM

Hello Google Cloud Community,
I recently encountered an issue where the service accounts connected to my Firebase project in Google Cloud got removed.

Specifically, my default service account (PROJECT_ID@appspot.gserviceaccount.com) and the Compute Engine service account (PROJECT_NUMBER-compute@developer.gserviceaccount.com) are missing, and my Firebase Functions deployment is failing with a 404 NOT FOUND error.

Problem Details:
I can no longer see my default Firebase service accounts in IAM & Admin > Service Accounts.
Deployments to Firebase Functions fail with the following error:

Error: Service account projects/-/serviceAccounts/PROJECT_NUMBER-compute@developer.gserviceaccount.com was not found.

I checked the IAM & Admin > Service Accounts section, and it shows "Deleted Service Account".
I did not manually delete these accounts, and I am unsure if Google automatically removed them.
What I Have Tried:

✅Checked the Google Cloud Console > IAM & Admin > Service Accounts (Accounts are missing).
✅Attempted to restore the service accounts, but I couldn't find a way to do so.
✅Verified that Cloud Functions API and Firebase Admin API are enabled.
✅Checked Google Cloud billing, and my project is still active.
✅Tried deploying Firebase Functions, but the error persists.

Questions:
1) Is there a way to restore deleted service accounts in Google Cloud?
2) Has Google ever automatically removed service accounts? Under what conditions?
3) If I manually recreate the service accounts, how do I properly configure permissions for Firebase and Cloud Functions to work again?

I’d really appreciate any guidance on how to recover my service accounts or properly set up new ones! Thanks in advance for your help. 🙏

@emanuelweinsjo

ronnelg

Hi @emanuelweinsjo,

Welcome to Google Cloud Community!

I understand that you encountered an issue where your service accounts connected to your Firebase project got removed or deleted.

Have you tried to check the service accounts for your project via Firebase? You can view all service accounts for your project in the Service accounts tab of your settings in the Firebase console.

You can also check in the Logs Explorer to see if it is deleted or manually removed. You can set the query to resource.type="service_account" and run it to see all the logs related to service accounts.

You can use the undelete command to restore a deleted service account. You can usually undelete a deleted service account if the service account was deleted less than 30 days ago and there is no existing service account with the same name as the deleted service account. You can check this documentation for more information.

Was this helpful? If so, please accept this answer as “Solution”. If you need additional assistance, reply here within 2 business days and I’ll be happy to help.

prvashisht

Hi @ronnelg, I'm not the OP but I'm also facing this error while deploying functions via the firebase deploy command.

Error: Service account projects/-/serviceAccounts/PROJECT_NUMBER-compute@developer.gserviceaccount.com was not found.

I tried checking the service account in the firebase console in the settings, and it shows me 16 service accounts but on clicking the link, it opens up Google Cloud console which only shows the 4 custom service accounts I've created, and none of the default ones.
I tried the logs explorer, but I haven't deployed (or touched in any way) my firebase deployment for over 6 months, so I am unable to see any logs related to service account changes that might show it has been deleted.

This troubleshooting link does say that "Deployments fail if you delete the default account", but I'm pretty sure I haven't deleted the service account, and no one else has access to my firebase account or this project.

Specifying the service account email with the --service-account param is also only available with gcloud and I'm using firebase deployment functions.

felansu

Im in exactly same situation - @prvashisht in our case we specify the service account like you said in the end - our problem is for deploy the extensions - we can't specify the service account for deploy the extensions - is generating errors in the installation of the server - i checked the code of firebase-tools and have a file called v2FunctionHelper with that hardcoded line:

const saEmail = `${projectNumber}-compute@developer.gserviceaccount.com`;

And this is used in many parts of the code - so always is asking for that "default" service account.

We are in this project almos 9 years before firebase stay inside of google totally integrated, im sure was a bug in the automatic migration they make forget to create the default service account, we really need now solve that problem because is causing a lot of bugs in our project!

felansu

Same problem - project created 10 years ago in firebase - never had a default service account like that - and now is requesting for deploy extensions, i see the code of firebase-tools and they hardcoded that service account:

const saEmail = `${projectNumber}-compute@developer.gserviceaccount.com`;

so - what we can do the people have 40 extensions to deploy? its so hard - need to resolve that problem, easy way is allowing the service account as parameter like they do with firebase deploy functions

🔥 Service Accounts for Firebase Got Removed – Need Recovery Help