Open jasonbisson opened 2 years ago
https://github.com/anagha-google/cloud-composer-setup-foundations/blob/main/01-modules/01-foundational-setup.md#7f-permissions-for-default-compute-engine-service-account-to-pull-images-from-container-registry
We should avoid the use of the default compute account which typically has the owner role. Also, the example shows editor when the permission discussed is container registry.
Same issue here. https://github.com/anagha-google/cloud-composer-setup-foundations/blob/main/01-modules/01-foundational-setup.md#12-permissions-specific-to-google-managed-default-service-accounts
https://github.com/anagha-google/cloud-composer-setup-foundations/blob/main/01-modules/01-foundational-setup.md#7f-permissions-for-default-compute-engine-service-account-to-pull-images-from-container-registry
We should avoid the use of the default compute account which typically has the owner role. Also, the example shows editor when the permission discussed is container registry.