Service Account User role is not required
maBarabas opened this issue · 2 comments
When setting up supply, in the "Collect your Google credentials" section, the steps tells us to add the "Service Account User" role to the created Service Account.
This role is for impersonating other Service Accounts and is not actually required in this case. From the docs:
Users granted the Service Account User role on a service account can use it to indirectly access all the resources to which the service account has access.
The permissions are configured completely from the Google Play Console, and the Service Account can have roles assigned at all in the Google Cloud Console.
I've removed the Service Account User role from the Service Account, and fastlane supply init --internal command worked fine.
Could some with more GCP experience confirm if this is correct?