Skip to content

Commit 9debd26

Browse files
pawan1210pawan1210
committed
fix: removed owner roles and added service specific roles
1 parent 66cfc36 commit 9debd26

File tree

6 files changed

+13
-7
lines changed

6 files changed

+13
-7
lines changed

metadata.yaml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -340,7 +340,8 @@ spec:
340340
- roles/run.admin
341341
- roles/iam.serviceAccountUser
342342
- roles/certificatemanager.owner
343-
- roles/owner
343+
- roles/vpcaccess.admin
344+
- roles/iam.serviceAccountCreator
344345
services:
345346
- cloudresourcemanager.googleapis.com
346347
- storage-api.googleapis.com

modules/backend/metadata.yaml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -307,7 +307,8 @@ spec:
307307
- roles/run.admin
308308
- roles/iam.serviceAccountUser
309309
- roles/certificatemanager.owner
310-
- roles/owner
310+
- roles/vpcaccess.admin
311+
- roles/iam.serviceAccountCreator
311312
services:
312313
- cloudresourcemanager.googleapis.com
313314
- storage-api.googleapis.com

modules/dynamic_backends/metadata.yaml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -332,7 +332,8 @@ spec:
332332
- roles/run.admin
333333
- roles/iam.serviceAccountUser
334334
- roles/certificatemanager.owner
335-
- roles/owner
335+
- roles/vpcaccess.admin
336+
- roles/iam.serviceAccountCreator
336337
services:
337338
- cloudresourcemanager.googleapis.com
338339
- storage-api.googleapis.com

modules/frontend/metadata.yaml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -229,7 +229,8 @@ spec:
229229
- roles/run.admin
230230
- roles/iam.serviceAccountUser
231231
- roles/certificatemanager.owner
232-
- roles/owner
232+
- roles/vpcaccess.admin
233+
- roles/iam.serviceAccountCreator
233234
services:
234235
- cloudresourcemanager.googleapis.com
235236
- storage-api.googleapis.com

modules/serverless_negs/metadata.yaml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -296,7 +296,8 @@ spec:
296296
- roles/run.admin
297297
- roles/iam.serviceAccountUser
298298
- roles/certificatemanager.owner
299-
- roles/owner
299+
- roles/vpcaccess.admin
300+
- roles/iam.serviceAccountCreator
300301
services:
301302
- cloudresourcemanager.googleapis.com
302303
- storage-api.googleapis.com

test/setup/iam.tf

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -19,9 +19,10 @@ locals {
1919
"roles/storage.admin",
2020
"roles/compute.admin",
2121
"roles/run.admin",
22-
"roles/iam.serviceAccountUser",
22+
"roles/iam.serviceAccountUser",
2323
"roles/certificatemanager.owner",
24-
"roles/owner"
24+
"roles/vpcaccess.admin",
25+
"roles/iam.serviceAccountCreator"
2526
]
2627
int_required_folder_roles = [
2728
"roles/compute.xpnAdmin"

0 commit comments

Comments
 (0)