Bug
Resolution: Unresolved
Documentation in https://docs.redhat.com/en/documentation/openshift_container_platform/4.21/html/backup_and_restore/oadp-gcp-wif-cloud-authentication_installing-oadp-gcp seems different from what is shown in the upstream repo here: https://github.com/openshift/oadp-operator/blob/oadp-dev/docs/config/gcp/oadp-gcp-wif-cloud-authentication.adoc
Upstream documentation seems more detailed as to how to integrate OADP with a GCP WIF environment.
For example:
1. The section in the upstream docs where you grant IAM roles to the created velero service account points to some already defined roles: compute.storageAdmin, storage.admin and compute.admin. In the RH doc we don't use those; instead we define a list of role permissions to be added to a new role (must create one) named `velero.server`. Are those permissions, which the RH docs ask to create, equivalent to what's in the defined roles in the upstream doc?
2. In the RH docs we update the bucket with the new serviceAccount as the objectAdmin. The upstream docs don't mention this. What's correct?
3. In the upstream docs, we bind the service-accounts `velero` and `openshift-adp-controller-manager` with the role `workloadIdentityUser` while in the RH docs we only do this part for the `velero` service account. Which one is correct?
This discrepancy could generate confusion and frustration when configuring OADP on an OCP cluster in a GCP WIF environment.