You should create and use a minimally privileged service account to run your GKE cluster instead of using the Compute Engine default service account.
Service accounts with wide permissions can increase the risk of compromise
Follow the appropriate remediation steps below to resolve the issue.