On a machine I (tlous) have been given access to open a shell as another user (serviceAccount)

Executing: sudo su - serviceAccount has the desired effect of opening a shell as this serviceAccount user. So far so good.

This is nice, but I want to run a command as this user without opening a shell.

Let's say the command is whoami

I've tried:

sudo -u serviceAccount whoami

Sorry, user tlous is not allowed to execute '/usr/bin/whoami' as serviceAccount ...

sudo su - serviceAccount -c whoami

Sorry, user tlous is not allowed to execute '/bin/su - serviceAccount -c whoami' ...

And other variations. What am I missing? Can this be done in a oneliner? The reason is that I actually want to run this as an ssh command: ssh -t [email protected] sudo su - serviceAccount -c whoami