I am using the Google Cloud Console for this purpose. When I create a service account, I can assign specific roles. But after I create it, I don't see an option to Update Roles of Service Accounts.
I tried to edit the service account, and still no option to add or remove roles. What am I missing here?
Once you have created a service account, to modify the roles assigned to the project for this identity (the service account), go to "IAM & Admin" then to "IAM" instead of "Service Accounts". Find the service account. Click the pencil icon at the far right. "IAM" is the first entry in the left panel of your screenshot.
Note: You can assign other IAM members with roles to a service account when the service account is a resource. Under "Service Accounts" click the checkbox next to the service account email address. A panel will open. This is the right-side panel in your screenshot. However, in your case, you are using the service account as an identity, so you need to add the roles to the project under the "IAM" section.
