1apiVersion: iam.cnrm.cloud.google.com/v1beta1
2kind: IAMPolicyMember
3metadata:
4 name: kcc-foreman-artifact-admin
5spec:
6 member: serviceAccount:kcc-${cluster_hash}@${gcp_project_id}.iam.gserviceaccount.com
7 resourceRef:
8 apiVersion: artifactregistry.cnrm.cloud.google.com/v1beta1
9 kind: ArtifactRegistryRepository
10 external: projects/${foreman_gcp_project_id}/locations/${gcp_region}/repositories/warehouse
11 role: roles/artifactregistry.admin
12---
13apiVersion: iam.cnrm.cloud.google.com/v1beta1
14kind: IAMPolicyMember
15metadata:
16 name: kcc-foreman-ctlfish-pubsub-admin
17spec:
18 member: serviceAccount:kcc-${cluster_hash}@${gcp_project_id}.iam.gserviceaccount.com
19 resourceRef:
20 apiVersion: pubsub.cnrm.cloud.google.com/v1beta1
21 kind: PubSubTopic
22 external: projects/${foreman_gcp_project_id}/topics/ctlfish-pubsub
23 role: roles/pubsub.admin
View as plain text