diff --git a/manifests/0000_26_cloud-controller-manager-operator_16_credentialsrequest-gcp.yaml b/manifests/0000_26_cloud-controller-manager-operator_16_credentialsrequest-gcp.yaml index 112e8c78b..04cf3fcef 100644 --- a/manifests/0000_26_cloud-controller-manager-operator_16_credentialsrequest-gcp.yaml +++ b/manifests/0000_26_cloud-controller-manager-operator_16_credentialsrequest-gcp.yaml @@ -16,10 +16,43 @@ spec: providerSpec: apiVersion: cloudcredential.openshift.io/v1 kind: GCPProviderSpec - predefinedRoles: - - roles/compute.instanceAdmin - - roles/compute.loadBalancerAdmin - - roles/iam.serviceAccountUser + permissions: + - "compute.addresses.create" + - "compute.addresses.delete" + - "compute.addresses.get" + - "compute.addresses.list" + - "compute.firewalls.create" + - "compute.firewalls.delete" + - "compute.firewalls.get" + - "compute.firewalls.update" + - "compute.forwardingRules.create" + - "compute.forwardingRules.delete" + - "compute.forwardingRules.get" + - "compute.healthChecks.create" + - "compute.healthChecks.delete" + - "compute.healthChecks.get" + - "compute.healthChecks.update" + - "compute.httpHealthChecks.create" + - "compute.httpHealthChecks.delete" + - "compute.httpHealthChecks.get" + - "compute.httpHealthChecks.update" + - "compute.instanceGroups.create" + - "compute.instanceGroups.delete" + - "compute.instanceGroups.get" + - "compute.instanceGroups.update" + - "compute.instances.get" + - "compute.instances.use" + - "compute.regionBackendServices.create" + - "compute.regionBackendServices.delete" + - "compute.regionBackendServices.get" + - "compute.regionBackendServices.update" + - "compute.targetPools.addInstance" + - "compute.targetPools.create" + - "compute.targetPools.delete" + - "compute.targetPools.get" + - "compute.targetPools.removeInstance" + - "compute.zones.list" + # If set to true, don't check whether the requested # roles have the necessary services enabled skipServiceCheck: true