diff --git a/pkg/reconciler/intevents/pullsubscription/resources/receive_adapter.go b/pkg/reconciler/intevents/pullsubscription/resources/receive_adapter.go
index 62943839b2..a47852c991 100644
--- a/pkg/reconciler/intevents/pullsubscription/resources/receive_adapter.go
+++ b/pkg/reconciler/intevents/pullsubscription/resources/receive_adapter.go
@@ -162,6 +162,17 @@ func makeReceiveAdapterPodSpec(ctx context.Context, args *ReceiveAdapterArgs) *c
 		}
 	}
 
+	// If k8s service account is specified, use that service account as credential.
+	if args.Source.Spec.ServiceAccountName != "" {
+		kServiceAccountName := args.Source.Spec.ServiceAccountName
+		return &corev1.PodSpec{
+			ServiceAccountName: kServiceAccountName,
+			Containers: []corev1.Container{
+				receiveAdapterContainer,
+			},
+		}
+	}
+
 	// Otherwise, use secret as credential.
 	secret := args.Source.Spec.Secret
 	credsFile := fmt.Sprintf("%s/%s", credsMountPath, secret.Key)
diff --git a/pkg/reconciler/intevents/resources/pullsubscription.go b/pkg/reconciler/intevents/resources/pullsubscription.go
index 0ea5a6bd0a..d74bcb703e 100644
--- a/pkg/reconciler/intevents/resources/pullsubscription.go
+++ b/pkg/reconciler/intevents/resources/pullsubscription.go
@@ -52,6 +52,7 @@ func MakePullSubscription(args *PullSubscriptionArgs) *inteventsv1alpha1.PullSub
 			PubSubSpec: duckv1alpha1.PubSubSpec{
 				IdentitySpec: duckv1alpha1.IdentitySpec{
 					GoogleServiceAccount: args.Spec.IdentitySpec.GoogleServiceAccount,
+					ServiceAccountName:   args.Spec.IdentitySpec.ServiceAccountName,
 				},
 				Secret:  args.Spec.Secret,
 				Project: args.Spec.Project,
diff --git a/pkg/reconciler/intevents/resources/topic.go b/pkg/reconciler/intevents/resources/topic.go
index 327dd120ab..bd49a0cf78 100644
--- a/pkg/reconciler/intevents/resources/topic.go
+++ b/pkg/reconciler/intevents/resources/topic.go
@@ -48,6 +48,7 @@ func MakeTopic(args *TopicArgs) *inteventsv1alpha1.Topic {
 		Spec: inteventsv1alpha1.TopicSpec{
 			IdentitySpec: duckv1alpha1.IdentitySpec{
 				GoogleServiceAccount: args.Spec.IdentitySpec.GoogleServiceAccount,
+				ServiceAccountName:   args.Spec.IdentitySpec.ServiceAccountName,
 			},
 			Secret:            args.Spec.Secret,
 			Project:           args.Spec.Project,
diff --git a/pkg/reconciler/intevents/topic/resources/publisher.go b/pkg/reconciler/intevents/topic/resources/publisher.go
index c71f3e74c9..0492c06fbc 100644
--- a/pkg/reconciler/intevents/topic/resources/publisher.go
+++ b/pkg/reconciler/intevents/topic/resources/publisher.go
@@ -81,6 +81,17 @@ func makePublisherPodSpec(args *PublisherArgs) *corev1.PodSpec {
 		}
 	}
 
+	// If k8s service account is specified, use that service account as credential.
+	if args.Topic.Spec.ServiceAccountName != "" {
+		kServiceAccountName := args.Topic.Spec.ServiceAccountName
+		return &corev1.PodSpec{
+			ServiceAccountName: kServiceAccountName,
+			Containers: []corev1.Container{
+				publisherContainer,
+			},
+		}
+	}
+
 	// Otherwise, use secret as credential.
 	secret := args.Topic.Spec.Secret
 	if secret == nil {