Security Question

Certified Senior Developer

An API I was building required a query of a datastore and to avoid getting a 500 error, I needed to add the service account as a viewer to the datastore. While I don't particularly care about access to the entity that is getting queried, there are other entities within the datastore that I would rather not have potential external access. My question is, is there a danger of accessing other entities within a datastore through that service account somehow? Would it be safer to create a separate datastore for the service account that only contains the entity that it needs to access? Or would it not make a difference either way and I'm just being paranoid? 

  Discussion posts and replies are publicly visible