Loading...

XML

Word

Printable

Type: Spike
Resolution: Done
Priority: Critical
Fix Version/s: None
Affects Version/s: None
Labels:

Blocked:
False
Blocked Reason:
None
Ready:
False
Intelligence Requested:
Market:

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

Having the `iam.serviceAccounts.actAs` permission is a requirement right now for the Installer and the required scope is at the GCP Project level.

There is an escalation from a OSD customer flagging that this requirement is a security risk and is going against Google Cloud's security best practicies.

We need to spike how we could remove or limit that requirement to be complaint with Google Cloud's security best practices and unblock this customer for adopting OSD

relates to

CORS-3267 Spike on removing or limiting the iam.serviceAccounts.actAs requirement on GCP

Closed

Assignee:: Jeremiah Stuever

Reporter:: Jeremiah Stuever

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2024/02/14 5:36 PM

Updated:: 2024/04/23 6:33 PM

Resolved:: 2024/04/23 6:33 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates