Skip to content

Commit

Permalink
GCP IAM Updates Detected
Browse files Browse the repository at this point in the history
  • Loading branch information
@jdyke
jdyke committed Feb 28, 2024
1 parent 7867766 commit 4388a37
Show file tree
Hide file tree
Showing 15 changed files with 44 additions and 53 deletions.
7 changes: 1 addition & 6 deletions roles/cloudfunctions.admin
View file
Original file line number Diff line number Diff line change
Expand Up @@ -79,12 +79,6 @@
"recommender.runServiceIdentityRecommendations.get",
"recommender.runServiceIdentityRecommendations.list",
"recommender.runServiceIdentityRecommendations.update",
"recommender.runServicePerformanceInsights.get",
"recommender.runServicePerformanceInsights.list",
"recommender.runServicePerformanceInsights.update",
"recommender.runServicePerformanceRecommendations.get",
"recommender.runServicePerformanceRecommendations.list",
"recommender.runServicePerformanceRecommendations.update",
"recommender.runServiceSecurityInsights.get",
"recommender.runServiceSecurityInsights.list",
"recommender.runServiceSecurityInsights.update",
Expand All @@ -96,6 +90,7 @@
"resourcemanager.projects.list",
"run.configurations.get",
"run.configurations.list",
"run.executions.cancel",
"run.executions.delete",
"run.executions.get",
"run.executions.list",
Expand Down
7 changes: 7 additions & 0 deletions roles/cloudfunctions.developer
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,6 +72,12 @@
"recommender.runServiceIdentityRecommendations.get",
"recommender.runServiceIdentityRecommendations.list",
"recommender.runServiceIdentityRecommendations.update",
"recommender.runServicePerformanceInsights.get",
"recommender.runServicePerformanceInsights.list",
"recommender.runServicePerformanceInsights.update",
"recommender.runServicePerformanceRecommendations.get",
"recommender.runServicePerformanceRecommendations.list",
"recommender.runServicePerformanceRecommendations.update",
"recommender.runServiceSecurityInsights.get",
"recommender.runServiceSecurityInsights.list",
"recommender.runServiceSecurityInsights.update",
Expand All @@ -83,6 +89,7 @@
"resourcemanager.projects.list",
"run.configurations.get",
"run.configurations.list",
"run.executions.cancel",
"run.executions.delete",
"run.executions.get",
"run.executions.list",
Expand Down
7 changes: 7 additions & 0 deletions roles/cloudfunctions.serviceAgent
View file
Original file line number Diff line number Diff line change
Expand Up @@ -125,6 +125,12 @@
"recommender.runServiceIdentityRecommendations.get",
"recommender.runServiceIdentityRecommendations.list",
"recommender.runServiceIdentityRecommendations.update",
"recommender.runServicePerformanceInsights.get",
"recommender.runServicePerformanceInsights.list",
"recommender.runServicePerformanceInsights.update",
"recommender.runServicePerformanceRecommendations.get",
"recommender.runServicePerformanceRecommendations.list",
"recommender.runServicePerformanceRecommendations.update",
"recommender.runServiceSecurityInsights.get",
"recommender.runServiceSecurityInsights.list",
"recommender.runServiceSecurityInsights.update",
Expand All @@ -137,6 +143,7 @@
"resourcemanager.projects.list",
"run.configurations.get",
"run.configurations.list",
"run.executions.cancel",
"run.executions.delete",
"run.executions.get",
"run.executions.list",
Expand Down
33 changes: 0 additions & 33 deletions roles/dataplex.admin
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,14 +5,6 @@
"cloudasset.assets.analyzeIamPolicy",
"cloudasset.assets.searchAllIamPolicies",
"cloudasset.assets.searchAllResources",
"dataplex.aspectTypes.create",
"dataplex.aspectTypes.delete",
"dataplex.aspectTypes.get",
"dataplex.aspectTypes.getIamPolicy",
"dataplex.aspectTypes.list",
"dataplex.aspectTypes.setIamPolicy",
"dataplex.aspectTypes.update",
"dataplex.aspectTypes.use",
"dataplex.assetActions.list",
"dataplex.assets.create",
"dataplex.assets.delete",
Expand Down Expand Up @@ -66,31 +58,6 @@
"dataplex.entities.get",
"dataplex.entities.list",
"dataplex.entities.update",
"dataplex.entries.create",
"dataplex.entries.delete",
"dataplex.entries.get",
"dataplex.entries.list",
"dataplex.entries.update",
"dataplex.entryGroups.create",
"dataplex.entryGroups.delete",
"dataplex.entryGroups.get",
"dataplex.entryGroups.getIamPolicy",
"dataplex.entryGroups.list",
"dataplex.entryGroups.setIamPolicy",
"dataplex.entryGroups.update",
"dataplex.entryGroups.useContactsAspect",
"dataplex.entryGroups.useGenericAspect",
"dataplex.entryGroups.useGenericEntry",
"dataplex.entryGroups.useOverviewAspect",
"dataplex.entryGroups.useSchemaAspect",
"dataplex.entryTypes.create",
"dataplex.entryTypes.delete",
"dataplex.entryTypes.get",
"dataplex.entryTypes.getIamPolicy",
"dataplex.entryTypes.list",
"dataplex.entryTypes.setIamPolicy",
"dataplex.entryTypes.update",
"dataplex.entryTypes.use",
"dataplex.environments.create",
"dataplex.environments.delete",
"dataplex.environments.execute",
Expand Down
2 changes: 1 addition & 1 deletion roles/dataplex.entryGroupOwner
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,6 @@
"resourcemanager.projects.list"
],
"name": "roles/dataplex.entryGroupOwner",
"stage": "ALPHA",
"stage": "GA",
"title": "Dataplex Entry Group Owner"
}
9 changes: 0 additions & 9 deletions roles/dataplex.viewer
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,6 @@
"etag": "AA==",
"includedPermissions": [
"cloudasset.assets.analyzeIamPolicy",
"dataplex.aspectTypes.get",
"dataplex.aspectTypes.getIamPolicy",
"dataplex.aspectTypes.list",
"dataplex.assetActions.list",
"dataplex.assets.get",
"dataplex.assets.getIamPolicy",
Expand All @@ -25,12 +22,6 @@
"dataplex.datascans.get",
"dataplex.datascans.getIamPolicy",
"dataplex.datascans.list",
"dataplex.entryGroups.get",
"dataplex.entryGroups.getIamPolicy",
"dataplex.entryGroups.list",
"dataplex.entryTypes.get",
"dataplex.entryTypes.getIamPolicy",
"dataplex.entryTypes.list",
"dataplex.environments.get",
"dataplex.environments.getIamPolicy",
"dataplex.environments.list",
Expand Down
1 change: 1 addition & 0 deletions roles/editor
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7021,6 +7021,7 @@
"rma.operations.list",
"run.configurations.get",
"run.configurations.list",
"run.executions.cancel",
"run.executions.delete",
"run.executions.get",
"run.executions.list",
Expand Down
7 changes: 7 additions & 0 deletions roles/firebase.admin
View file
Original file line number Diff line number Diff line change
Expand Up @@ -377,6 +377,12 @@
"recommender.runServiceIdentityRecommendations.get",
"recommender.runServiceIdentityRecommendations.list",
"recommender.runServiceIdentityRecommendations.update",
"recommender.runServicePerformanceInsights.get",
"recommender.runServicePerformanceInsights.list",
"recommender.runServicePerformanceInsights.update",
"recommender.runServicePerformanceRecommendations.get",
"recommender.runServicePerformanceRecommendations.list",
"recommender.runServicePerformanceRecommendations.update",
"recommender.runServiceSecurityInsights.get",
"recommender.runServiceSecurityInsights.list",
"recommender.runServiceSecurityInsights.update",
Expand All @@ -389,6 +395,7 @@
"resourcemanager.projects.list",
"run.configurations.get",
"run.configurations.list",
"run.executions.cancel",
"run.executions.delete",
"run.executions.get",
"run.executions.list",
Expand Down
7 changes: 7 additions & 0 deletions roles/firebase.developAdmin
View file
Original file line number Diff line number Diff line change
Expand Up @@ -281,6 +281,12 @@
"recommender.runServiceIdentityRecommendations.get",
"recommender.runServiceIdentityRecommendations.list",
"recommender.runServiceIdentityRecommendations.update",
"recommender.runServicePerformanceInsights.get",
"recommender.runServicePerformanceInsights.list",
"recommender.runServicePerformanceInsights.update",
"recommender.runServicePerformanceRecommendations.get",
"recommender.runServicePerformanceRecommendations.list",
"recommender.runServicePerformanceRecommendations.update",
"recommender.runServiceSecurityInsights.get",
"recommender.runServiceSecurityInsights.list",
"recommender.runServiceSecurityInsights.update",
Expand All @@ -293,6 +299,7 @@
"resourcemanager.projects.list",
"run.configurations.get",
"run.configurations.list",
"run.executions.cancel",
"run.executions.delete",
"run.executions.get",
"run.executions.list",
Expand Down
4 changes: 4 additions & 0 deletions roles/firebase.developViewer
View file
Original file line number Diff line number Diff line change
Expand Up @@ -119,6 +119,10 @@
"recommender.runServiceIdentityInsights.list",
"recommender.runServiceIdentityRecommendations.get",
"recommender.runServiceIdentityRecommendations.list",
"recommender.runServicePerformanceInsights.get",
"recommender.runServicePerformanceInsights.list",
"recommender.runServicePerformanceRecommendations.get",
"recommender.runServicePerformanceRecommendations.list",
"recommender.runServiceSecurityInsights.get",
"recommender.runServiceSecurityInsights.list",
"recommender.runServiceSecurityRecommendations.get",
Expand Down
1 change: 1 addition & 0 deletions roles/owner
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8102,6 +8102,7 @@
"rma.operations.list",
"run.configurations.get",
"run.configurations.list",
"run.executions.cancel",
"run.executions.delete",
"run.executions.get",
"run.executions.list",
Expand Down
1 change: 1 addition & 0 deletions roles/run.admin
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@
"resourcemanager.projects.list",
"run.configurations.get",
"run.configurations.list",
"run.executions.cancel",
"run.executions.delete",
"run.executions.get",
"run.executions.list",
Expand Down
6 changes: 6 additions & 0 deletions roles/run.developer
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,12 @@
"recommender.runServiceIdentityRecommendations.get",
"recommender.runServiceIdentityRecommendations.list",
"recommender.runServiceIdentityRecommendations.update",
"recommender.runServicePerformanceInsights.get",
"recommender.runServicePerformanceInsights.list",
"recommender.runServicePerformanceInsights.update",
"recommender.runServicePerformanceRecommendations.get",
"recommender.runServicePerformanceRecommendations.list",
"recommender.runServicePerformanceRecommendations.update",
"recommender.runServiceSecurityInsights.get",
"recommender.runServiceSecurityInsights.list",
"recommender.runServiceSecurityInsights.update",
Expand Down
1 change: 1 addition & 0 deletions roles/run.invoker
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@
"description": "Can invoke a Cloud Run service.",
"etag": "AA==",
"includedPermissions": [
"run.executions.cancel",
"run.jobs.run",
"run.routes.invoke"
],
Expand Down
4 changes: 0 additions & 4 deletions roles/run.viewer
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,10 +12,6 @@
"recommender.runServiceIdentityInsights.list",
"recommender.runServiceIdentityRecommendations.get",
"recommender.runServiceIdentityRecommendations.list",
"recommender.runServicePerformanceInsights.get",
"recommender.runServicePerformanceInsights.list",
"recommender.runServicePerformanceRecommendations.get",
"recommender.runServicePerformanceRecommendations.list",
"recommender.runServiceSecurityInsights.get",
"recommender.runServiceSecurityInsights.list",
"recommender.runServiceSecurityRecommendations.get",
Expand Down

0 comments on commit 4388a37

Please sign in to comment.