diff --git a/install/0000_30_machine-api-operator_00_credentials-request.yaml b/install/0000_30_machine-api-operator_00_credentials-request.yaml index 77eb1b370..19437e30c 100644 --- a/install/0000_30_machine-api-operator_00_credentials-request.yaml +++ b/install/0000_30_machine-api-operator_00_credentials-request.yaml @@ -158,9 +158,52 @@ spec: providerSpec: apiVersion: cloudcredential.openshift.io/v1 kind: GCPProviderSpec - predefinedRoles: - - "roles/compute.admin" - - "roles/iam.serviceAccountUser" + permissions: + - "iam.serviceAccounts.actAs" + - "iam.serviceAccounts.get" + - "iam.serviceAccounts.list" + - "compute.acceleratorTypes.get" + - "compute.acceleratorTypes.list" + - "compute.disks.create" + - "compute.disks.setLabels" + - "compute.globalOperations.get" + - "compute.globalOperations.list" + - "compute.healthChecks.useReadOnly" + - "compute.instanceGroups.create" + - "compute.instanceGroups.delete" + - "compute.instanceGroups.get" + - "compute.instanceGroups.list" + - "compute.instanceGroups.update" + - "compute.instances.create" + - "compute.instances.delete" + - "compute.instances.get" + - "compute.instances.list" + - "compute.instances.use" + - "compute.instances.setLabels" + - "compute.instances.setMetadata" + - "compute.instances.setTags" + - "compute.instances.setServiceAccount" + - "compute.instances.update" + - "compute.machineTypes.get" + - "compute.machineTypes.list" + - "compute.projects.get" + - "compute.regionBackendServices.get" + - "compute.regionBackendServices.create" + - "compute.regionBackendServices.update" + - "compute.regions.get" + - "compute.regions.list" + - "compute.subnetworks.use" + - "compute.targetPools.addInstance" + - "compute.targetPools.delete" + - "compute.targetPools.get" + - "compute.targetPools.removeInstance" + - "compute.zoneOperations.get" + - "compute.zoneOperations.list" + - "compute.zones.get" + - "compute.zones.list" + - "serviceusage.quotas.get" + - "serviceusage.services.get" + - "serviceusage.services.list" --- apiVersion: cloudcredential.openshift.io/v1