1apiVersion: backend.edge.ncr.com/v1alpha2
2kind: DatabaseUser
3metadata:
4 name: bannerctl-${cluster_hash}
5spec:
6 type: CLOUD_IAM_SERVICE_ACCOUNT
7 serviceAccount:
8 emailRef: bannerctl-${cluster_hash}@${gcp_project_id}.iam.gserviceaccount.com
9 iamUsername: bannerctl-${cluster_hash}@${gcp_project_id}.iam
10 force: true
11 grants:
12 - schema: public
13 tableGrant:
14 - permissions:
15 - permission: SELECT
16 - permission: UPDATE
17 table: banners
18 - permissions:
19 - permission: DELETE
20 - permission: INSERT
21 - permission: SELECT
22 table: labels
23 - permissions:
24 - permission: INSERT
25 - permission: SELECT
26 - permission: UPDATE
27 table: channels
28 - permissions:
29 - permission: DELETE
30 - permission: INSERT
31 - permission: SELECT
32 - permission: UPDATE
33 table: channels_key_versions
34 - permissions:
35 - permission: INSERT
36 - permission: SELECT
37 table: ca_pools
38 - permissions:
39 - permission: INSERT
40 - permission: SELECT
41 - permission: UPDATE
42 table: ca_certificates
43 - permissions:
44 - permission: SELECT
45 table: helm_workloads_channels
46 - permissions:
47 - permission: SELECT
48 table: helm_workloads
49 instanceRef:
50 name: ${edge_sql_db_name}-migrated
51 projectID: ${gcp_project_id}
52 prune: true
View as plain text