Skip to content

Commit

Permalink
remove owner role
Browse files Browse the repository at this point in the history
  • Loading branch information
@q2w
q2w committed Feb 24, 2025
1 parent 49c4d06 commit 09150c1
Show file tree
Hide file tree
Showing 6 changed files with 25 additions and 7 deletions.
5 changes: 4 additions & 1 deletion metadata.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -333,8 +333,11 @@ spec:
- roles/compute.xpnAdmin
- level: Project
roles:
- roles/owner
- roles/storage.admin
- roles/compute.admin
- roles/run.admin
- roles/iam.serviceAccountUser
- roles/certificatemanager.owner
services:
- cloudresourcemanager.googleapis.com
- storage-api.googleapis.com
Expand Down
5 changes: 4 additions & 1 deletion modules/backend/metadata.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -300,8 +300,11 @@ spec:
- roles/compute.xpnAdmin
- level: Project
roles:
- roles/owner
- roles/storage.admin
- roles/compute.admin
- roles/run.admin
- roles/iam.serviceAccountUser
- roles/certificatemanager.owner
services:
- cloudresourcemanager.googleapis.com
- storage-api.googleapis.com
Expand Down
5 changes: 4 additions & 1 deletion modules/dynamic_backends/metadata.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -325,8 +325,11 @@ spec:
- roles/compute.xpnAdmin
- level: Project
roles:
- roles/owner
- roles/storage.admin
- roles/compute.admin
- roles/run.admin
- roles/iam.serviceAccountUser
- roles/certificatemanager.owner
services:
- cloudresourcemanager.googleapis.com
- storage-api.googleapis.com
Expand Down
5 changes: 4 additions & 1 deletion modules/frontend/metadata.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -214,8 +214,11 @@ spec:
- roles/compute.xpnAdmin
- level: Project
roles:
- roles/owner
- roles/storage.admin
- roles/compute.admin
- roles/run.admin
- roles/iam.serviceAccountUser
- roles/certificatemanager.owner
services:
- cloudresourcemanager.googleapis.com
- storage-api.googleapis.com
Expand Down
5 changes: 4 additions & 1 deletion modules/serverless_negs/metadata.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -289,8 +289,11 @@ spec:
- roles/compute.xpnAdmin
- level: Project
roles:
- roles/owner
- roles/storage.admin
- roles/compute.admin
- roles/run.admin
- roles/iam.serviceAccountUser
- roles/certificatemanager.owner
services:
- cloudresourcemanager.googleapis.com
- storage-api.googleapis.com
Expand Down
7 changes: 5 additions & 2 deletions test/setup/iam.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,11 @@

locals {
int_required_project_roles = [
"roles/owner",
"roles/storage.admin"
"roles/storage.admin",
"roles/compute.admin",
"roles/run.admin",
"roles/iam.serviceAccountUser",
"roles/certificatemanager.owner"
]
int_required_folder_roles = [
"roles/compute.xpnAdmin"
Expand Down

0 comments on commit 09150c1

Please sign in to comment.