This repository has been archived by the owner on Aug 28, 2024. It is now read-only.
Should SCI clean up KSA <=> IAM principal bindings on namespace deletion? #179
Comments
|
GCP does not seem to have an atomatic way to add or remove a specific principal binding to a specific role. So updates should be kept to a minimum. There is a risk of overwriting someones IAM policy incorrect whenever we add or remove IAM policy bindings on GCP. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Context: #171 (comment)
The text was updated successfully, but these errors were encountered: