apiVersion: iam.cnrm.cloud.google.com/v1beta1 kind: IAMCustomRole metadata: name: logmondev annotations: cnrm.cloud.google.com/deletion-policy: abandon cnrm.cloud.google.com/project-id: ${gcp_project_id} description: | Provides only the required permissions for viewing logs and metrics, and creating dashboards and alerts pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: o11y-infra pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-o11y' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a labels: cluster_hash: ${cluster_hash} cluster_uuid: ${cluster_uuid} spec: permissions: - cloudnotifications.activities.list - logging.buckets.get - logging.buckets.list - logging.exclusions.get - logging.exclusions.list - logging.locations.get - logging.locations.list - logging.logEntries.download - logging.logEntries.list - logging.logMetrics.create - logging.logMetrics.get - logging.logMetrics.list - logging.logMetrics.delete - logging.logMetrics.update - logging.logServiceIndexes.list - logging.logServices.list - logging.logs.list - logging.notificationRules.create - logging.notificationRules.update - logging.notificationRules.delete - logging.operations.get - logging.operations.list - logging.queries.create - logging.queries.delete - logging.queries.get - logging.queries.list - logging.queries.listShared - logging.queries.share - logging.queries.update - logging.queries.updateShared - logging.sinks.get - logging.sinks.list - logging.usage.get - logging.views.access - logging.views.get - logging.views.list - logging.views.listLogs - logging.views.listResourceKeys - logging.views.listResourceValues - monitoring.alertPolicies.create - monitoring.alertPolicies.delete - monitoring.alertPolicies.get - monitoring.alertPolicies.list - monitoring.alertPolicies.update - monitoring.dashboards.get - monitoring.dashboards.list - monitoring.dashboards.create - monitoring.dashboards.delete - monitoring.dashboards.update - monitoring.groups.get - monitoring.groups.list - monitoring.incidents.get - monitoring.incidents.update - monitoring.metricDescriptors.get - monitoring.metricDescriptors.list - monitoring.monitoredResourceDescriptors.get - monitoring.monitoredResourceDescriptors.list - monitoring.notificationChannelDescriptors.get - monitoring.notificationChannelDescriptors.list - monitoring.notificationChannels.create - monitoring.notificationChannels.delete - monitoring.notificationChannels.get - monitoring.notificationChannels.list - monitoring.notificationChannels.sendVerificationCode - monitoring.notificationChannels.update - monitoring.notificationChannels.verify - monitoring.publicWidgets.get - monitoring.publicWidgets.list - monitoring.services.get - monitoring.services.list - monitoring.slos.get - monitoring.slos.list - monitoring.timeSeries.list - monitoring.uptimeCheckConfigs.create - monitoring.uptimeCheckConfigs.get - monitoring.uptimeCheckConfigs.list - opsconfigmonitoring.resourceMetadata.list - resourcemanager.projects.get - serviceusage.services.use - stackdriver.projects.get title: logmondev --- apiVersion: iam.cnrm.cloud.google.com/v1beta1 kind: IAMPolicyMember metadata: name: github-actions-monitoring-syncing annotations: cnrm.cloud.google.com/deletion-policy: abandon cnrm.cloud.google.com/project-id: ${gcp_project_id} pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: o11y-infra pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-o11y' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a labels: cluster_hash: ${cluster_hash} cluster_uuid: ${cluster_uuid} spec: member: serviceAccount:github-actions-runner@ret-edge-dev-infra.iam.gserviceaccount.com resourceRef: apiVersion: resourcemanager.cnrm.cloud.google.com/v1beta1 kind: Project external: "projects/${gcp_project_id}" role: roles/monitoring.editor