Skip to content

Commit 09150c1

Browse files
q2wq2w
committed
remove owner role
1 parent 49c4d06 commit 09150c1

File tree

6 files changed

+25
-7
lines changed

6 files changed

+25
-7
lines changed

metadata.yaml

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -333,8 +333,11 @@ spec:
333333
- roles/compute.xpnAdmin
334334
- level: Project
335335
roles:
336-
- roles/owner
337336
- roles/storage.admin
337+
- roles/compute.admin
338+
- roles/run.admin
339+
- roles/iam.serviceAccountUser
340+
- roles/certificatemanager.owner
338341
services:
339342
- cloudresourcemanager.googleapis.com
340343
- storage-api.googleapis.com

modules/backend/metadata.yaml

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -300,8 +300,11 @@ spec:
300300
- roles/compute.xpnAdmin
301301
- level: Project
302302
roles:
303-
- roles/owner
304303
- roles/storage.admin
304+
- roles/compute.admin
305+
- roles/run.admin
306+
- roles/iam.serviceAccountUser
307+
- roles/certificatemanager.owner
305308
services:
306309
- cloudresourcemanager.googleapis.com
307310
- storage-api.googleapis.com

modules/dynamic_backends/metadata.yaml

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -325,8 +325,11 @@ spec:
325325
- roles/compute.xpnAdmin
326326
- level: Project
327327
roles:
328-
- roles/owner
329328
- roles/storage.admin
329+
- roles/compute.admin
330+
- roles/run.admin
331+
- roles/iam.serviceAccountUser
332+
- roles/certificatemanager.owner
330333
services:
331334
- cloudresourcemanager.googleapis.com
332335
- storage-api.googleapis.com

modules/frontend/metadata.yaml

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -214,8 +214,11 @@ spec:
214214
- roles/compute.xpnAdmin
215215
- level: Project
216216
roles:
217-
- roles/owner
218217
- roles/storage.admin
218+
- roles/compute.admin
219+
- roles/run.admin
220+
- roles/iam.serviceAccountUser
221+
- roles/certificatemanager.owner
219222
services:
220223
- cloudresourcemanager.googleapis.com
221224
- storage-api.googleapis.com

modules/serverless_negs/metadata.yaml

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -289,8 +289,11 @@ spec:
289289
- roles/compute.xpnAdmin
290290
- level: Project
291291
roles:
292-
- roles/owner
293292
- roles/storage.admin
293+
- roles/compute.admin
294+
- roles/run.admin
295+
- roles/iam.serviceAccountUser
296+
- roles/certificatemanager.owner
294297
services:
295298
- cloudresourcemanager.googleapis.com
296299
- storage-api.googleapis.com

test/setup/iam.tf

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -16,8 +16,11 @@
1616

1717
locals {
1818
int_required_project_roles = [
19-
"roles/owner",
20-
"roles/storage.admin"
19+
"roles/storage.admin",
20+
"roles/compute.admin",
21+
"roles/run.admin",
22+
"roles/iam.serviceAccountUser",
23+
"roles/certificatemanager.owner"
2124
]
2225
int_required_folder_roles = [
2326
"roles/compute.xpnAdmin"

0 commit comments

Comments
 (0)