What is the nature and description of the request?

• When we set customRBACresource to "true" it is granting edit cluster role to the pipeline service account, which is higher privileged for pipeline service account using which app teams are able to create deployments and other objects.

Why does the customer need this? (List the business requirements here)

• We would like to follow least privileged model to restrict the access to pipeline account.

How would the customer like to achieve this? (List the functional requirements here)

• By reducing the privileged to the pipeline service account.