GCS client does not accept a service account ID. It just auto-discovers one when running on Google-managed infrastructure. Quoting from my post:
The GCS library for Node.js does support IAM-based signing now, when deployed in Google-managed runtimes. It basically implements steps 1 and 4 of the new signing protocol used by the Firebase Admin SDK.
For Cloud Functions, simply initializing the SDK without any credentials or options should do the trick.