skattar1406
commented
6 years ago ➤ Trevar Simmons commented:
DCF implements a monitoring system to continuously monitor and validate Service Accounts which are registered for controlled-access data, as well as their parent GCP Projects For the list of Service Account validation criteria, please see the Requirements: Service Account Validation section. If a Service Account fails validation, it is removed from all controlled access Google Groups. For the list of GCP Project validation criteria, please see the Requirements: GCP Project Validation section. If a GCP project fails validation, all "child" Service Accounts are removed from all controlled access Google Groups. DCF implements a monitoring system to expire Service Account registration for controlled-access data When a Service Account is registered, an expiration date is set (initially 7 days from the date and time of registration; users can request 7 day extensions indefinitely, assuming all validation checks pass). When a Service Account’s expiration date passes, it is removed from all controlled-access data Google Groups.
Alex to create more issues, if required based on ISB Phased implementation doc.
https://docs.google.com/document/d/1NcgQU9aRkpEpye9jFRhKXDFoUmNJ80gF8wddTe8_4RU/edit#heading=h.veednt7vc9lc