Skip to content

Commit 8e31cc0

Browse files
odvarkadanielodvarkadaniel
committed
Keep only used services for GCP
1 parent 202110f commit 8e31cc0

1 file changed

Lines changed: 5 additions & 113 deletions

File tree

manifests/0000_26_cloud-controller-manager-operator_16_credentialsrequest-gcp.yaml

Lines changed: 5 additions & 113 deletions
Original file line numberDiff line numberDiff line change
@@ -17,150 +17,42 @@ spec:
1717
kind: GCPProviderSpec
1818
permissions:
1919
- "compute.addresses.create"
20-
- "compute.addresses.createInternal"
2120
- "compute.addresses.delete"
22-
- "compute.addresses.deleteInternal"
2321
- "compute.addresses.get"
2422
- "compute.addresses.list"
25-
- "compute.addresses.use"
26-
- "compute.networks.get"
27-
- "compute.networks.list"
28-
- "compute.networks.use"
29-
- "compute.networks.list"
30-
- "compute.zones.list"
31-
- "resourcemanager.projects.get"
32-
- "compute.subnetworks.list"
33-
- "compute.subnetworks.get"
34-
- "compute.subnetworks.use"
35-
- "compute.subnetworks.list"
36-
- "compute.backendServices.create"
37-
- "compute.backendServices.delete"
38-
- "compute.backendServices.get"
39-
- "compute.backendServices.list"
40-
- "compute.backendServices.update"
41-
- "compute.backendServices.use"
42-
- "compute.disks.create"
43-
- "compute.disks.createSnapshot"
44-
- "compute.disks.delete"
45-
- "compute.disks.get"
46-
- "compute.disks.list"
47-
- "compute.disks.listEffectiveTags"
48-
- "compute.disks.listTagBindings"
49-
- "compute.disks.resize"
50-
- "compute.disks.setLabels"
51-
- "compute.disks.update"
52-
- "compute.disks.use"
53-
- "compute.disks.useReadOnly"
5423
- "compute.firewalls.create"
5524
- "compute.firewalls.delete"
5625
- "compute.firewalls.get"
57-
- "compute.firewalls.list"
5826
- "compute.firewalls.update"
5927
- "compute.forwardingRules.create"
6028
- "compute.forwardingRules.delete"
6129
- "compute.forwardingRules.get"
62-
- "compute.forwardingRules.list"
63-
- "compute.forwardingRules.update"
64-
- "compute.forwardingRules.use"
6530
- "compute.healthChecks.create"
6631
- "compute.healthChecks.delete"
6732
- "compute.healthChecks.get"
68-
- "compute.healthChecks.list"
6933
- "compute.healthChecks.update"
70-
- "compute.healthChecks.use"
7134
- "compute.httpHealthChecks.create"
7235
- "compute.httpHealthChecks.delete"
7336
- "compute.httpHealthChecks.get"
74-
- "compute.httpHealthChecks.list"
7537
- "compute.httpHealthChecks.update"
76-
- "compute.httpHealthChecks.use"
77-
- "compute.instanceGroupManagers.create"
78-
- "compute.instanceGroupManagers.delete"
79-
- "compute.instanceGroupManagers.get"
80-
- "compute.instanceGroupManagers.list"
81-
- "compute.instanceGroupManagers.update"
82-
- "compute.instanceGroupManagers.use"
38+
- "compute.instanceGroups.addInstances"
8339
- "compute.instanceGroups.create"
8440
- "compute.instanceGroups.delete"
8541
- "compute.instanceGroups.get"
86-
- "compute.instanceGroups.list"
87-
- "compute.instanceGroups.update"
88-
- "compute.instanceGroups.use"
42+
- "compute.instanceGroups.listInstances"
43+
- "compute.instanceGroups.removeInstances"
44+
- "compute.instances.get"
8945
- "compute.regionBackendServices.create"
9046
- "compute.regionBackendServices.delete"
9147
- "compute.regionBackendServices.get"
92-
- "compute.regionBackendServices.getIamPolicy"
93-
- "compute.regionBackendServices.list"
94-
- "compute.regionBackendServices.setIamPolicy"
95-
- "compute.regionBackendServices.setSecurityPolicy"
9648
- "compute.regionBackendServices.update"
97-
- "compute.regionBackendServices.use"
98-
- "compute.instances.attachDisk"
99-
- "compute.instances.create"
100-
- "compute.instances.createTagBinding"
101-
- "compute.instances.delete"
102-
- "compute.instances.deleteAccessConfig"
103-
- "compute.instances.deleteTagBinding"
104-
- "compute.instances.detachDisk"
105-
- "compute.instances.get"
106-
- "compute.instances.getEffectiveFirewalls"
107-
- "compute.instances.list"
108-
- "compute.instances.osAdminLogin"
109-
- "compute.instances.osLogin"
110-
- "compute.instances.reset"
111-
- "compute.instances.resume"
112-
- "compute.instances.setLabels"
113-
- "compute.instances.setMachineResources"
114-
- "compute.instances.setMachineType"
115-
- "compute.instances.setMetadata"
116-
- "compute.instances.setMinCpuPlatform"
117-
- "compute.instances.setName"
118-
- "compute.instances.setScheduling"
119-
- "compute.instances.setTags"
120-
- "compute.instances.start"
121-
- "compute.instances.startWithEncryptionKey"
122-
- "compute.instances.stop"
123-
- "compute.instances.suspend"
124-
- "compute.instances.update"
125-
- "compute.instances.use"
126-
- "compute.instances.useReadOnly"
127-
- "compute.instanceTemplates.create"
128-
- "compute.instanceTemplates.delete"
129-
- "compute.instanceTemplates.get"
130-
- "compute.instanceTemplates.list"
131-
- "compute.zoneOperations.get"
132-
- "compute.zoneOperations.list"
133-
- "compute.zones.get"
134-
- "compute.zones.list"
135-
- "compute.projects.get"
136-
- "compute.regions.get"
137-
- "compute.regions.list"
138-
- "compute.routers.create"
139-
- "compute.routers.delete"
140-
- "compute.routers.get"
141-
- "compute.routers.list"
142-
- "compute.routers.update"
143-
- "compute.routers.use"
144-
- "compute.routes.delete"
145-
- "compute.routes.list"
146-
- "compute.targetPools.addHealthCheck"
14749
- "compute.targetPools.addInstance"
14850
- "compute.targetPools.create"
14951
- "compute.targetPools.delete"
15052
- "compute.targetPools.get"
151-
- "compute.targetPools.list"
15253
- "compute.targetPools.removeInstance"
153-
- "compute.targetPools.update"
154-
- "compute.targetPools.use"
155-
- "compute.networkEndpointGroups.attachNetworkEndpoints"
156-
- "compute.networkEndpointGroups.create"
157-
- "compute.networkEndpointGroups.delete"
158-
- "compute.networkEndpointGroups.detachNetworkEndpoints"
159-
- "compute.networkEndpointGroups.get"
160-
- "compute.networkEndpointGroups.list"
161-
- "compute.networkEndpointGroups.use"
54+
- "compute.zones.list"
16255

163-
16456
# If set to true, don't check whether the requested
16557
# roles have the necessary services enabled
16658
skipServiceCheck: true

0 commit comments

Comments
 (0)