Text file src/edge-infra.dev/config/pallets/o11y/iam-custom-roles/logmonview-role.yaml

Documentation: edge-infra.dev/config/pallets/o11y/iam-custom-roles

     1apiVersion: iam.cnrm.cloud.google.com/v1beta1
     2kind: IAMCustomRole
     3metadata:
     4  name: logmonview
     5  namespace: o11y
     6  annotations:
     7    description: |
     8      Provides only the required permissions for viewing logging and monitoring resources.
     9spec:
    10  permissions:
    11  - cloudnotifications.activities.list
    12  - logging.buckets.get
    13  - logging.buckets.list
    14  - logging.exclusions.get
    15  - logging.exclusions.list
    16  - logging.locations.get
    17  - logging.locations.list
    18  - logging.logEntries.download
    19  - logging.logEntries.list
    20  - logging.logMetrics.get
    21  - logging.logMetrics.list
    22  - logging.logServiceIndexes.list
    23  - logging.logServices.list
    24  - logging.logs.list
    25  - logging.operations.get
    26  - logging.operations.list
    27  - logging.queries.create
    28  - logging.queries.delete
    29  - logging.queries.get
    30  - logging.queries.list
    31  - logging.queries.listShared
    32  - logging.queries.share
    33  - logging.queries.update
    34  - logging.queries.updateShared
    35  - logging.sinks.get
    36  - logging.sinks.list
    37  - logging.usage.get
    38  - logging.views.access
    39  - logging.views.get
    40  - logging.views.list
    41  - logging.views.listLogs
    42  - logging.views.listResourceKeys
    43  - logging.views.listResourceValues
    44  - monitoring.alertPolicies.get
    45  - monitoring.alertPolicies.list
    46  - monitoring.dashboards.get
    47  - monitoring.dashboards.list
    48  - monitoring.groups.get
    49  - monitoring.groups.list
    50  - monitoring.incidents.get
    51  - monitoring.metricDescriptors.get
    52  - monitoring.metricDescriptors.list
    53  - monitoring.monitoredResourceDescriptors.get
    54  - monitoring.monitoredResourceDescriptors.list
    55  - monitoring.notificationChannelDescriptors.get
    56  - monitoring.notificationChannelDescriptors.list
    57  - monitoring.notificationChannels.get
    58  - monitoring.notificationChannels.list
    59  - monitoring.publicWidgets.get
    60  - monitoring.publicWidgets.list
    61  - monitoring.services.get
    62  - monitoring.services.list
    63  - monitoring.slos.get
    64  - monitoring.slos.list
    65  - monitoring.timeSeries.list
    66  - monitoring.uptimeCheckConfigs.get
    67  - monitoring.uptimeCheckConfigs.list
    68  - opsconfigmonitoring.resourceMetadata.list
    69  - resourcemanager.projects.get
    70  - serviceusage.services.use
    71  - stackdriver.projects.get
    72  - stackdriver.resourceMetadata.list
    73  title: logmonview

View as plain text