Update faq-permissions.yml

fixed bullets

Author: AlizaBernstein

articles/defender-for-cloud/faq-permissions.yml

@@ -97,9 +97,9 @@ sections:
             | Resources | arn:aws:kms::${AWS::AccountId}:key/ |
             | Effect | Allow |
             
-            - GCP permissions: during onboarding - a new custom role is created with minimal permissions required to get instances status and create snapshots. on top of that permissions to an existing GCP KMS role are granted to support scanning disks that are encrypted with CMEK. The roles are:
-              - roles/MDCAgentlessScanningRole granted to Defender for Cloud’s service account with permissions: compute.disks.createSnapshot, compute.instances.get
-              - roles/cloudkms.cryptoKeyEncrypterDecrypter granted to Defender for Cloud’s compute engine service agent
+          - GCP permissions: during onboarding - a new custom role is created with minimal permissions required to get instances status and create snapshots. on top of that permissions to an existing GCP KMS role are granted to support scanning disks that are encrypted with CMEK. The roles are:
+            - roles/MDCAgentlessScanningRole granted to Defender for Cloud’s service account with permissions: compute.disks.createSnapshot, compute.instances.get
+            - roles/cloudkms.cryptoKeyEncrypterDecrypter granted to Defender for Cloud’s compute engine service agent
 
       - question: |
           What is the minimum SAS policy permissions required when exporting data to Azure Event Hubs?