Recently, when investigating issues with the payments date spine and downstream reliability tables in #4453 / #4477, we noticed that it may be an issue with the service account used by composer not having permissions to query production tables to fulfill the create_row_access_policy macro.

In #4477, we introduce the new service account to the macro (we still need to monitor it's success), but were unsure if the existing service account (bq-transform-svcacct) is still needed for this or other functions, and whether it can be deprecated.

We need to investigate how (if at all) this service account is still being used, and if not, deprecate that service account and remove it from the create_row_access_policy macro.

Service account details:

resource "google_service_account" "tfer--114731815246487683241" {
  184:   account_id   = "bq-transform-svcacct"
  185    description  = "Grants Airflow pod operators access to GCS and bigquery"
  186    disabled     = "false"