docs/user/gcp/postinstall.md

# Service Account: Post Install

If the service account used to create the cluster was given the Owner role or included the Service Account Key Admin role, 
the service account no longer requires elevated permissions after install. You may change its role to Viewer or 
remove all roles bound to it. You can perform these steps by revisiting the service account role binding step you performed
earlier.

[GCP: Assign service account roles][sa-assign]

[sa-assign]: https://cloud.google.com/iam/docs/granting-roles-to-service-accounts#granting_access_to_a_service_account_for_a_resource
[gcp] docs/user: Add GCP installer user documentation 2019-08-01 16:28:50 -04:00			`# Service Account: Post Install`

			`If the service account used to create the cluster was given the Owner role or included the Service Account Key Admin role,`
Update GCP user docs. Update all GCP user docs to bring up to standard of equivalent AWS docs. 2019-09-12 22:42:52 -04:00			`the service account no longer requires elevated permissions after install. You may change its role to Viewer or`
[gcp] docs/user: Add GCP installer user documentation 2019-08-01 16:28:50 -04:00			`remove all roles bound to it. You can perform these steps by revisiting the service account role binding step you performed`
			`earlier.`

			`[GCP: Assign service account roles][sa-assign]`

			`[sa-assign]: https://cloud.google.com/iam/docs/granting-roles-to-service-accounts#granting_access_to_a_service_account_for_a_resource`