Hide Forgot
Document URL: https://access.redhat.com/documentation/en/red-hat-cloudforms/4.1/managing-providers/#adding_amazon_ec2_providers Section Number and Name: 3.4.1.8 Adding Google Compute Engine Providers: service account Describe the issue: The GCE provider currently requires the Service Account JSON key, my security standards prevent me from giving cart blanch access to my GCE environment. Can you please enumerate the permissions required by CFME so that I can use least privilege when creating the CFME user for my GCE environment. Suggestions for improvement: Add a section indicating required permissions for the GCE provider. Additional information:
Moving to 'NEW' while assigned to the default assignee.
Thank you for raising this bug. After further discussion with the program team, we have been given the advice not to document specific permissions for service accounts at this time based on the following article - http://cloudformsblog.redhat.com/2017/08/16/security-management-operations/ As such, I will be closing this bug for now, but we can re-investigate this request again in the future if required.
Cancelling old needinfo request.