We have observed that in GKE, user with GKE admin role does not get cluster api upgrade notification as shown below and they need to have viewer access to view these notifications.
what could be the reason behind it ? Ideally user having GKE admin permissions should also be able to view any upgrade notifications for the clusters.
With GKE admin role and NO viewer role
With GKE admin role and viewer role
You need this permission :
recommender.containerDiagnosisRecommendations.get
. It's available in one of the roles shown the capture below