New Service Account added to Security Group not included when group is deployed to higher environment

Created a new Service Account in the Admin Console and generated API Key. Added the new Service Account to a security group that has access to an application. Added the updated security group to a patch and deployed it to the next higher environment (AFTER creating the same new Service Account in that higher environment - since the API Keys are different), but after import - the new Service Account was not included in the security group. According to the documentation, it should be. "API keys and service accounts can be managed in the Admin Console by system administrators. Service accounts should be created in each environment with the same username and placed in the same groups so that permissions can be promoted to higher environments. API keys can only be used for the environment they're created in." I'm assuming that we will have to manually add the Service Account to the security group in each higher environment - but why? The name of the Service Account created IS the same in both DEV and TEST - as is the description. After creating them - they both were added to the Service Account group - as described in the documentation. 

Parents Reply
  • that group can be promoted to higher environments.

    My reading of it was that the group / "permission" is promoted, not actually the account, though I do see where you're coming from.  I don't have much experience yet with this new service account construct, all I know is that traditional user accounts are never transferred between environments.  Hopefully someone with more detailed technical knowledge about this new functionality can weigh in as well.


 Discussion posts and replies are publicly visible