Description of problem:

Failed to create volumesnapshotcontent for gcp-filestore-csi-driver-operator

Version-Release number of selected component (if applicable):

quay.io/bertinatto/filestore-index:v4

How reproducible:

Always

Steps to Reproduce:
1.Deploy filestore csi operator and driver
2.Create storageclass, pvc/pod, volumesnapshotclass and volumesnapshot

oc get pvc
NAME       STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS        AGE
myclaim1   Bound    pvc-d3e7078d-6299-4b28-9954-9eea57c76e77   2Ti        RWX            filestore-example   3h4m

apiVersion: snapshot.storage.k8s.io/v1
kind: VolumeSnapshotClass
metadata:
  name: csi-gcp-filestore-backup-snap-class-same-region
driver: filestore.csi.storage.gke.io
parameters:
  type: backup
deletionPolicy: Delete

oc get volumesnapshot
NAME                      READYTOUSE   SOURCEPVC   SOURCESNAPSHOTCONTENT   RESTORESIZE   SNAPSHOTCLASS                                     SNAPSHOTCONTENT                                    CREATIONTIME   AGE
test-backup-same-region   false        myclaim1                                          csi-gcp-filestore-backup-snap-class-same-region   snapcontent-aa5d0cff-858f-44e2-a07a-74833b2e941b                  21m

3. check logs from csi-snapshooter

E0819 07:58:12.916399       1 snapshot_controller_base.go:283] could not sync content "snapcontent-aa5d0cff-858f-44e2-a07a-74833b2e941b": failed to add VolumeSnapshotBeingCreated annotation on the content snapcontent-aa5d0cff-858f-44e2-a07a-74833b2e941b: "snapshot controller failed to update snapcontent-aa5d0cff-858f-44e2-a07a-74833b2e941b on API server: volumesnapshotcontents.snapshot.storage.k8s.io \"snapcontent-aa5d0cff-858f-44e2-a07a-74833b2e941b\" is forbidden: User \"system:serviceaccount:openshift-cluster-csi-drivers:gcp-filestore-csi-driver-controller-sa\" cannot patch resource \"volumesnapshotcontents\" in API group \"snapshot.storage.k8s.io\" at the cluster scope"
I0819 07:58:12.916429       1 event.go:285] Event(v1.ObjectReference{Kind:"VolumeSnapshotContent", Namespace:"", Name:"snapcontent-aa5d0cff-858f-44e2-a07a-74833b2e941b", UID:"f321a2e3-58fc-4ffa-aa74-e5c72d89372f", APIVersion:"snapshot.storage.k8s.io/v1", ResourceVersion:"165537", FieldPath:""}): type: 'Warning' reason: 'SnapshotCreationFailed' Failed to create snapshot: failed to add VolumeSnapshotBeingCreated annotation on the content snapcontent-aa5d0cff-858f-44e2-a07a-74833b2e941b: "snapshot controller failed to update snapcontent-aa5d0cff-858f-44e2-a07a-74833b2e941b on API server: volumesnapshotcontents.snapshot.storage.k8s.io \"snapcontent-aa5d0cff-858f-44e2-a07a-74833b2e941b\" is forbidden: User \"system:serviceaccount:openshift-cluster-csi-drivers:gcp-filestore-csi-driver-controller-sa\" cannot patch resource \"volumesnapshotcontents\" in API group \"snapshot.storage.k8s.io\" at the cluster scope"

4.oc get csv gcp-filestore-csi-driver-operator.v4.12.0 -o yaml | grep volumesnapshotcontents
          - volumesnapshotcontents
          - volumesnapshotcontents/status
      message: cluster rule:{"verbs":["create","get","list","watch","update","delete"],"apiGroups":["snapshot.storage.k8s.io"],"resources":["volumesnapshotclasses","volumesnapshots","volumesnapshotcontents"]}
      message: cluster rule:{"verbs":["update"],"apiGroups":["snapshot.storage.k8s.io"],"resources":["volumesnapshotcontents/status"]}

Actual results:

Volumesnapshot is false to use

Expected results:

Volumesnapshotcontent is created

Additional info: