Assigned
Status Update
No update yet.
Comments
ma...@google.com
ma...@google.com
Hello,
Thanks for reaching out to us!
The Product Engineering Team has been made aware of your feature request, and will address it in due course. Though we can't provide an ETA on feature requests nor guarantee their implementation, rest assured that your feedback is always taken very seriously, as it allows us to improve our products. Thank you for your trust and continued support to improve Google Cloud Platform products.
In case you want to report a new issue, please do not hesitate to create a new [Issue Tracker]
Thanks and Regards,
Onkar Mhetre
Google Cloud Support
Description
Problem you have encountered:
What you expected to happen:
As the Viewer role's purpose is to grant permissions for read-only actions in order to view (but not modify) existing resources [1], we don't expect a permission that allows a form of modification; which 'pubsub.schemas.attach' grants (and thus, this is seen as an over-grant by the Viewer role).
To add to this expectation, 'pubsub.schemas.attach' is not included in the Pub/Sub Viewer role [2]. And thus, this permission shouldn't be needed to gain viewership of Pub/Sub.
It's further noted that this permission is only found in the Pub/Sub Admin & Editor roles [3], which further indicates this permission's goal of modification rather than viewership.
[1]https://cloud.google.com/iam/docs/understanding-roles#viewer
[2]https://cloud.google.com/pubsub/docs/access-control#pubsub.viewer
[3]https://cloud.google.com/pubsub/docs/access-control#pubsub.admin