'User account does not exist in GCP IAM, however still the scheduled queries created by the user executing
I have couple of scheduled queries in GCP which are created by the user A. The user A has left the company, her account is not found from the GCP IAM but available in the x-domain.co directory. I see the queries are everyday running successfully!
Is this a normal behaviour?
I followed the below question already, as per this it is not possible! Would removing user who created a scheduled query on BigQuery break said query?
Solution 1:[1]
Answer:
Even though the users may not be in the result of the below command,
gcloud projects get-iam-policy <project_id> \
--flatten="bindings[].members" \
--format="value(bindings.members)" \
--sort-by=bindings.members | uniq
When the users are part of some Groups in GCP IAM & Admin, and if that Group has sufficient resource access roles assigned, it allows them to create and schedule the big queries in GCP.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Kart Craze |