1apiVersion: backend.edge.ncr.com/v1alpha2
2kind: DatabaseUser
3metadata:
4 name: cctl-${cluster_hash}
5spec:
6 type: CLOUD_IAM_SERVICE_ACCOUNT
7 serviceAccount:
8 emailRef: cctl-${cluster_hash}@${gcp_project_id}.iam.gserviceaccount.com
9 iamUsername: cctl-${cluster_hash}@${gcp_project_id}.iam
10 force: true
11 grants:
12 - schema: public
13 tableGrant:
14 - permissions:
15 - permission: SELECT
16 - permission: TRIGGER
17 - permission: UPDATE
18 table: clusters
19 - permissions:
20 - permission: SELECT
21 table: terminals
22 - permissions:
23 - permission: SELECT
24 table: labels
25 - permissions:
26 - permission: SELECT
27 table: cluster_labels
28 - permissions:
29 - permission: SELECT
30 table: banners
31 - permissions:
32 - permission: SELECT
33 table: channels
34 - permissions:
35 - permission: INSERT
36 - permission: SELECT
37 table: helm_workloads_channels
38 instanceRef:
39 name: ${edge_sql_db_name}-migrated
40 projectID: ${gcp_project_id}
41 prune: true
View as plain text