1apiVersion: iam.cnrm.cloud.google.com/v1beta1
2kind: IAMPartialPolicy
3metadata:
4 name: response-topic-policy.${cluster_uuid}.dsds-ea-sa
5 annotations:
6 cnrm.cloud.google.com/project-id: ${gcp_project_id}
7 cnrm.cloud.google.com/state-into-spec: merge
8 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
9 pallet.edge.ncr.com/name: remotecli-cluster-infra
10 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
11 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
12 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds'
13 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
14 labels:
15 cluster_hash: ${cluster_hash}
16 cluster_uuid: ${cluster_uuid}
17spec:
18 bindings:
19 - members:
20 - memberFrom:
21 serviceAccountRef:
22 name: service-account.${cluster_uuid}.dsds-ea
23 role: roles/pubsub.publisher
24 resourceRef:
25 apiVersion: pubsub.cnrm.cloud.google.com/v1beta1
26 kind: PubSubTopic
27 external: projects/${gcp_project_id}/topics/topic.dsds-ea-response
28---
29apiVersion: iam.cnrm.cloud.google.com/v1beta1
30kind: IAMPartialPolicy
31metadata:
32 name: subscription-policy.${cluster_uuid}.dsds-ea-sa
33 annotations:
34 cnrm.cloud.google.com/project-id: ${gcp_project_id}
35 cnrm.cloud.google.com/state-into-spec: merge
36 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
37 pallet.edge.ncr.com/name: remotecli-cluster-infra
38 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
39 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
40 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds'
41 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
42 labels:
43 cluster_hash: ${cluster_hash}
44 cluster_uuid: ${cluster_uuid}
45spec:
46 bindings:
47 - members:
48 - memberFrom:
49 serviceAccountRef:
50 name: service-account.${cluster_uuid}.dsds-ea
51 role: roles/pubsub.subscriber
52 resourceRef:
53 name: sub.${cluster_uuid}.dsds-ea-request
54 apiVersion: pubsub.cnrm.cloud.google.com/v1beta1
55 kind: PubSubSubscription
56---
57apiVersion: iam.cnrm.cloud.google.com/v1beta1
58kind: IAMServiceAccount
59metadata:
60 name: service-account.${cluster_uuid}.dsds-ea
61 annotations:
62 cnrm.cloud.google.com/project-id: ${gcp_project_id}
63 cnrm.cloud.google.com/state-into-spec: merge
64 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
65 pallet.edge.ncr.com/name: remotecli-cluster-infra
66 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
67 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
68 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds'
69 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
70 labels:
71 cluster_hash: ${cluster_hash}
72 cluster_uuid: ${cluster_uuid}
73spec:
74 description: "Remote Agent Emergency Access Service Account. (${cluster_uuid})"
75 resourceID: dsds-ea-${cluster_hash}
76---
77apiVersion: iam.cnrm.cloud.google.com/v1beta1
78kind: IAMServiceAccountKey
79metadata:
80 name: remotecli-${cluster_uuid}-gcp-api-key
81 annotations:
82 cnrm.cloud.google.com/project-id: ${gcp_project_id}
83 cnrm.cloud.google.com/state-into-spec: merge
84 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
85 pallet.edge.ncr.com/name: remotecli-cluster-infra
86 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
87 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
88 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds'
89 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
90 labels:
91 cluster_hash: ${cluster_hash}
92 cluster_uuid: ${cluster_uuid}
93spec:
94 serviceAccountRef:
95 name: service-account.${cluster_uuid}.dsds-ea
96---
97apiVersion: pubsub.cnrm.cloud.google.com/v1beta1
98kind: PubSubSubscription
99metadata:
100 name: sub.${cluster_uuid}.dsds-ea-request
101 annotations:
102 cnrm.cloud.google.com/project-id: ${gcp_project_id}
103 cnrm.cloud.google.com/state-into-spec: merge
104 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
105 pallet.edge.ncr.com/name: remotecli-cluster-infra
106 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
107 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
108 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds'
109 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
110 labels:
111 cluster_hash: ${cluster_hash}
112 cluster_uuid: ${cluster_uuid}
113spec:
114 enableMessageOrdering: true
115 filter: attributes.storeId="${cluster_uuid}"
116 resourceID: sub.${cluster_uuid}.dsds-ea-request
117 topicRef:
118 external: projects/${gcp_project_id}/topics/topic.dsds-ea-request
119---
120apiVersion: pubsub.cnrm.cloud.google.com/v1beta1
121kind: PubSubSubscription
122metadata:
123 name: sub.${cluster_uuid}.dsds-ea-response
124 annotations:
125 cnrm.cloud.google.com/project-id: ${gcp_project_id}
126 cnrm.cloud.google.com/state-into-spec: merge
127 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
128 pallet.edge.ncr.com/name: remotecli-cluster-infra
129 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
130 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
131 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds'
132 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
133 labels:
134 cluster_hash: ${cluster_hash}
135 cluster_uuid: ${cluster_uuid}
136spec:
137 enableMessageOrdering: true
138 filter: attributes.storeId="${cluster_uuid}"
139 resourceID: sub.${cluster_uuid}.dsds-ea-response
140 topicRef:
141 external: projects/${gcp_project_id}/topics/topic.dsds-ea-response
142---
143apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1
144kind: SecretManagerSecret
145metadata:
146 name: remotecli-${cluster_uuid}-gcp-api-key
147 annotations:
148 cnrm.cloud.google.com/project-id: ${gcp_project_id}
149 cnrm.cloud.google.com/state-into-spec: merge
150 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
151 pallet.edge.ncr.com/name: remotecli-cluster-infra
152 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
153 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
154 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds'
155 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
156 labels:
157 cluster_hash: ${cluster_hash}
158 cluster_uuid: ${cluster_uuid}
159spec:
160 replication:
161 automatic: true
162---
163apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1
164kind: SecretManagerSecretVersion
165metadata:
166 name: secret-manager-secret-version.${cluster_uuid}.dsds-ea-sa
167 annotations:
168 cnrm.cloud.google.com/project-id: ${gcp_project_id}
169 cnrm.cloud.google.com/state-into-spec: merge
170 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
171 pallet.edge.ncr.com/name: remotecli-cluster-infra
172 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
173 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
174 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds'
175 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
176 labels:
177 cluster_hash: ${cluster_hash}
178 cluster_uuid: ${cluster_uuid}
179spec:
180 secretRef:
181 name: remotecli-${cluster_uuid}-gcp-api-key
182 enabled: true
183 secretData:
184 valueFrom:
185 secretKeyRef:
186 name: remotecli-${cluster_uuid}-gcp-api-key
187 key: key.json
View as plain text