Update docs to add additional clarity against sharing IAM policy/cache bucket credentials with jobs
Runner is designed not to share bucket credentials with jobs: the Runner manager holds the credentials and hands each job pre-signed URLs, so jobs do not need to be trusted with access to the bucket. This attack relies on bucket credentials being shared with the job through some other mechanism, which is outside of Runner's control.
Jobs should not have access to the cache bucket, and the IAM policy that the Runner manager uses should not be shared with the jobs.
We have some documentation warning against this, but perhaps we can clarify that only the Runner manager needs any kind of credentials for the cache bucket, and that those credentials should never be exposed to jobs (for example through CI/CD variables or an instance role reachable from the job container).
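To illustrate the intended split described above, here is an added example (not from the issue or the Runner docs) of a manager-side `config.toml` cache section; the bucket name, region and key values are placeholders, and the commented policy scope is an assumption about what pre-signed GET/PUT URLs require, not a statement of Runner's documented policy.

```toml
# Added example: the cache credentials live ONLY in the Runner manager's
# config.toml. Jobs receive pre-signed URLs generated by the manager and
# never see AccessKey/SecretKey or any bucket-scoped IAM role.
[[runners]]
  name = "manager-with-s3-cache"
  url = "https://gitlab.example.com"   # placeholder
  token = "REDACTED_RUNNER_TOKEN"      # placeholder
  executor = "docker"

  [runners.cache]
    Type = "s3"
    Shared = false

    [runners.cache.s3]
      ServerAddress = "s3.amazonaws.com"
      BucketName = "example-runner-cache"   # placeholder bucket
      BucketLocation = "us-east-1"          # placeholder region
      # Credentials for the manager's least-privilege IAM identity.
      # Assumed minimal scope (not from the docs): s3:GetObject and
      # s3:PutObject on arn:aws:s3:::example-runner-cache/* only, so the
      # identity can sign download/upload URLs and nothing else.
      AccessKey = "AKIAEXAMPLEPLACEHOLDER"
      SecretKey = "EXAMPLE_SECRET_PLACEHOLDER"

  # What must NOT appear here: the same keys exported to jobs as
  # environment variables. A job that receives these can read or
  # overwrite every other project's cache objects directly.
  # environment = ["AWS_ACCESS_KEY_ID=...", "AWS_SECRET_ACCESS_KEY=..."]  # do not do this
```

Check the job side too: if a job can run `aws s3 ls` against the cache bucket without being handed a pre-signed URL, credentials have leaked through a channel (CI/CD variables, instance metadata, mounted files) that this design does not cover.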