Skip to content

Commit ff60365

Browse files
q2wq2w
authored
fix: use less privilege roles for ci service account (#459)
1 parent ef60927 commit ff60365

File tree

9 files changed

+0
-9
lines changed

9 files changed

+0
-9
lines changed

metadata.yaml

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -93,7 +93,6 @@ spec:
9393
roles:
9494
- level: Project
9595
roles:
96-
- roles/owner
9796
- roles/compute.admin
9897
- roles/compute.networkAdmin
9998
- roles/iam.serviceAccountUser

modules/compute_disk_snapshot/metadata.yaml

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -159,7 +159,6 @@ spec:
159159
roles:
160160
- level: Project
161161
roles:
162-
- roles/owner
163162
- roles/compute.admin
164163
- roles/compute.networkAdmin
165164
- roles/iam.serviceAccountUser

modules/compute_instance/metadata.yaml

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -170,7 +170,6 @@ spec:
170170
roles:
171171
- level: Project
172172
roles:
173-
- roles/owner
174173
- roles/compute.admin
175174
- roles/compute.networkAdmin
176175
- roles/iam.serviceAccountUser

modules/instance_template/metadata.yaml

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -374,7 +374,6 @@ spec:
374374
roles:
375375
- level: Project
376376
roles:
377-
- roles/owner
378377
- roles/compute.admin
379378
- roles/compute.networkAdmin
380379
- roles/iam.serviceAccountUser

modules/mig/metadata.yaml

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -313,7 +313,6 @@ spec:
313313
roles:
314314
- level: Project
315315
roles:
316-
- roles/owner
317316
- roles/compute.admin
318317
- roles/compute.networkAdmin
319318
- roles/iam.serviceAccountUser

modules/mig_with_percent/metadata.yaml

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -301,7 +301,6 @@ spec:
301301
roles:
302302
- level: Project
303303
roles:
304-
- roles/owner
305304
- roles/compute.admin
306305
- roles/compute.networkAdmin
307306
- roles/iam.serviceAccountUser

modules/preemptible_and_regular_instance_templates/metadata.yaml

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -201,7 +201,6 @@ spec:
201201
roles:
202202
- level: Project
203203
roles:
204-
- roles/owner
205204
- roles/compute.admin
206205
- roles/compute.networkAdmin
207206
- roles/iam.serviceAccountUser

modules/umig/metadata.yaml

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -178,7 +178,6 @@ spec:
178178
roles:
179179
- level: Project
180180
roles:
181-
- roles/owner
182181
- roles/compute.admin
183182
- roles/compute.networkAdmin
184183
- roles/iam.serviceAccountUser

test/setup/iam.tf

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,6 @@
1616

1717
locals {
1818
vm_required_roles = [
19-
"roles/owner",
2019
"roles/compute.admin",
2120
"roles/compute.networkAdmin",
2221
"roles/iam.serviceAccountUser",

0 commit comments

Comments
 (0)