Access
In Instance Groups, all operations are performed on behalf of a service account.
Service accounts are special accounts that can be used by services and applications to work with other Yandex Cloud APIs on your behalf. For more information about service accounts and access management in Yandex Cloud, see the Yandex Identity and Access Management documentation.
Instance Groups applications use service account authorized keys for authorization in the APIs and perform operations on resources within the roles granted to the service account in question. For example, Instance Groups can use a service account for creating, updating, and deleting VM instances. Instance Groups can easily get authenticated in the Compute Cloud API without embedding private keys or user credentials in the application code.
An instance group may only have one service account created in the same folder as the group.
Note