-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathovermind-gcp-roles.sh
More file actions
43 lines (42 loc) · 1.25 KB
/
overmind-gcp-roles.sh
File metadata and controls
43 lines (42 loc) · 1.25 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
# Define roles that can be applied at any level (org, folder, or project)
ROLES=(
"roles/browser"
"roles/aiplatform.viewer"
"roles/artifactregistry.reader"
"roles/bigquery.metadataViewer"
"roles/bigquery.user"
"roles/bigtable.viewer"
"roles/cloudbuild.builds.viewer"
"roles/cloudfunctions.viewer"
"roles/cloudkms.viewer"
"roles/cloudsql.viewer"
"roles/compute.viewer"
"roles/container.viewer"
"roles/dataform.viewer"
"roles/dataplex.catalogViewer"
"roles/dataplex.viewer"
"roles/dataproc.viewer"
"roles/dns.reader"
"roles/essentialcontacts.viewer"
"roles/eventarc.viewer"
"roles/file.viewer"
"roles/logging.viewer"
"roles/monitoring.viewer"
"roles/orgpolicy.policyViewer"
"roles/pubsub.viewer"
"roles/redis.viewer"
"roles/resourcemanager.tagViewer"
"roles/run.viewer"
"roles/secretmanager.viewer"
"roles/securitycentermanagement.viewer"
"roles/servicedirectory.viewer"
"roles/serviceusage.serviceUsageViewer"
"roles/spanner.viewer"
"roles/storage.bucketViewer"
"roles/storagetransfer.viewer"
)
# Define roles that can only be applied at project level
PROJECT_ONLY_ROLES=(
"roles/iam.roleViewer"
"roles/iam.serviceAccountViewer"
)