Skip to content

Commit

Permalink
GCP IAM Updates Detected
Browse files Browse the repository at this point in the history
  • Loading branch information
@jdyke
jdyke committed Jan 10, 2025
1 parent 015071f commit 94e4a0b
Show file tree
Hide file tree
Showing 14 changed files with 78 additions and 1 deletion.
13 changes: 13 additions & 0 deletions roles/aiplatform.customCodeServiceAgent
View file
Original file line number Diff line number Diff line change
Expand Up @@ -189,6 +189,7 @@
"aiplatform.indexes.get",
"aiplatform.indexes.list",
"aiplatform.indexes.update",
"aiplatform.locations.evaluateInstances",
"aiplatform.locations.get",
"aiplatform.locations.list",
"aiplatform.metadataSchemas.create",
Expand Down Expand Up @@ -263,6 +264,18 @@
"aiplatform.pipelineJobs.delete",
"aiplatform.pipelineJobs.get",
"aiplatform.pipelineJobs.list",
"aiplatform.provisionedThroughputs.list",
"aiplatform.ragCorpora.create",
"aiplatform.ragCorpora.delete",
"aiplatform.ragCorpora.get",
"aiplatform.ragCorpora.list",
"aiplatform.ragCorpora.query",
"aiplatform.ragCorpora.update",
"aiplatform.ragFiles.delete",
"aiplatform.ragFiles.get",
"aiplatform.ragFiles.import",
"aiplatform.ragFiles.list",
"aiplatform.ragFiles.upload",
"aiplatform.reasoningEngines.create",
"aiplatform.reasoningEngines.delete",
"aiplatform.reasoningEngines.get",
Expand Down
3 changes: 2 additions & 1 deletion roles/aiplatform.expressAdmin
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,8 @@
"aiplatform.datasets.get",
"aiplatform.datasets.list",
"aiplatform.datasets.update",
"aiplatform.endpoints.predict"
"aiplatform.endpoints.predict",
"aiplatform.locations.evaluateInstances"
],
"name": "roles/aiplatform.expressAdmin",
"stage": "BETA",
Expand Down
1 change: 1 addition & 0 deletions roles/aiplatform.extensionServiceAgent
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@
"includedPermissions": [
"aiplatform.endpoints.predict",
"aiplatform.locations.get",
"aiplatform.ragCorpora.query",
"discoveryengine.servingConfigs.search",
"iam.serviceAccounts.getAccessToken",
"iam.serviceAccounts.getOpenIdToken",
Expand Down
1 change: 1 addition & 0 deletions roles/bigquery.studioAdmin
View file
Original file line number Diff line number Diff line change
Expand Up @@ -126,6 +126,7 @@
"bigquery.tables.setIamPolicy",
"bigquery.tables.update",
"bigquery.tables.updateData",
"bigquery.tables.updateIndex",
"bigquery.tables.updateTag",
"bigquery.transfers.get",
"bigquery.transfers.update",
Expand Down
1 change: 1 addition & 0 deletions roles/connectors.serviceAgent
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@
"description": "Grants Connectors Platform service account to manage customer resources",
"etag": "AA==",
"includedPermissions": [
"connectors.actions.execute",
"connectors.actions.list",
"connectors.connections.get",
"connectors.connections.getConnectionSchemaMetadata",
Expand Down
1 change: 1 addition & 0 deletions roles/dataflow.serviceAgent
View file
Original file line number Diff line number Diff line change
Expand Up @@ -123,6 +123,7 @@
"bigquery.tables.setIamPolicy",
"bigquery.tables.update",
"bigquery.tables.updateData",
"bigquery.tables.updateIndex",
"bigquery.tables.updateTag",
"bigquery.transfers.get",
"bigquery.transfers.update",
Expand Down
3 changes: 3 additions & 0 deletions roles/datafusion.viewer
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,9 @@
"datafusion.instances.listTagBindings",
"datafusion.locations.get",
"datafusion.locations.list",
"datafusion.namespaces.get",
"datafusion.namespaces.getIamPolicy",
"datafusion.namespaces.list",
"datafusion.operations.get",
"datafusion.operations.list",
"datafusion.pipelineConnections.get",
Expand Down
1 change: 1 addition & 0 deletions roles/dataplex.aspectTypeOwner
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@
"dataplex.aspectTypes.setIamPolicy",
"dataplex.aspectTypes.update",
"dataplex.aspectTypes.use",
"dataplex.operations.get",
"dataplex.projects.search",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
Expand Down
1 change: 1 addition & 0 deletions roles/dataplex.entryTypeOwner
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@
"dataplex.entryTypes.setIamPolicy",
"dataplex.entryTypes.update",
"dataplex.entryTypes.use",
"dataplex.operations.get",
"dataplex.projects.search",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
Expand Down
30 changes: 30 additions & 0 deletions roles/editor
View file
Original file line number Diff line number Diff line change
Expand Up @@ -241,6 +241,7 @@
"aiplatform.indexes.get",
"aiplatform.indexes.list",
"aiplatform.indexes.update",
"aiplatform.locations.evaluateInstances",
"aiplatform.locations.get",
"aiplatform.locations.list",
"aiplatform.metadataSchemas.create",
Expand Down Expand Up @@ -320,6 +321,19 @@
"aiplatform.pipelineJobs.delete",
"aiplatform.pipelineJobs.get",
"aiplatform.pipelineJobs.list",
"aiplatform.provisionedThroughputs.create",
"aiplatform.provisionedThroughputs.list",
"aiplatform.ragCorpora.create",
"aiplatform.ragCorpora.delete",
"aiplatform.ragCorpora.get",
"aiplatform.ragCorpora.list",
"aiplatform.ragCorpora.query",
"aiplatform.ragCorpora.update",
"aiplatform.ragFiles.delete",
"aiplatform.ragFiles.get",
"aiplatform.ragFiles.import",
"aiplatform.ragFiles.list",
"aiplatform.ragFiles.upload",
"aiplatform.reasoningEngines.create",
"aiplatform.reasoningEngines.delete",
"aiplatform.reasoningEngines.get",
Expand Down Expand Up @@ -1442,6 +1456,7 @@
"bigquery.tables.listTagBindings",
"bigquery.tables.replicateData",
"bigquery.tables.restoreSnapshot",
"bigquery.tables.updateIndex",
"bigquery.transfers.get",
"bigquery.transfers.update",
"bigquerymigration.subtasks.get",
Expand Down Expand Up @@ -4170,10 +4185,16 @@
"datafusion.instances.upgrade",
"datafusion.locations.get",
"datafusion.locations.list",
"datafusion.namespaces.create",
"datafusion.namespaces.delete",
"datafusion.namespaces.get",
"datafusion.namespaces.getIamPolicy",
"datafusion.namespaces.list",
"datafusion.namespaces.provisionCredential",
"datafusion.namespaces.readRepository",
"datafusion.namespaces.setServiceAccount",
"datafusion.namespaces.unsetServiceAccount",
"datafusion.namespaces.update",
"datafusion.namespaces.updateRepositoryMetadata",
"datafusion.namespaces.writeRepository",
"datafusion.operations.cancel",
Expand Down Expand Up @@ -4269,6 +4290,7 @@
"datamigration.migrationjobs.create",
"datamigration.migrationjobs.delete",
"datamigration.migrationjobs.demoteDestination",
"datamigration.migrationjobs.fetchSourceObjects",
"datamigration.migrationjobs.generateSshScript",
"datamigration.migrationjobs.generateTcpProxyScript",
"datamigration.migrationjobs.get",
Expand Down Expand Up @@ -6755,6 +6777,11 @@
"netapp.operations.delete",
"netapp.operations.get",
"netapp.operations.list",
"netapp.quotaRules.create",
"netapp.quotaRules.delete",
"netapp.quotaRules.get",
"netapp.quotaRules.list",
"netapp.quotaRules.update",
"netapp.replications.create",
"netapp.replications.delete",
"netapp.replications.establishPeering",
Expand Down Expand Up @@ -7944,6 +7971,7 @@
"retail.branches.list",
"retail.catalogs.completeQuery",
"retail.catalogs.exportAnalyticsMetrics",
"retail.catalogs.get",
"retail.catalogs.import",
"retail.catalogs.list",
"retail.catalogs.update",
Expand Down Expand Up @@ -8261,6 +8289,7 @@
"securitycentermanagement.securityCommandCenter.activate",
"securitycentermanagement.securityCommandCenter.checkActivationOperation",
"securitycentermanagement.securityCommandCenter.checkEligibility",
"securitycentermanagement.securityCommandCenter.checkOnboardingStatus",
"securitycentermanagement.securityCommandCenter.generateServiceAccounts",
"securitycentermanagement.securityCommandCenter.get",
"securitycentermanagement.securityCommandCenter.update",
Expand Down Expand Up @@ -8344,6 +8373,7 @@
"servicedirectory.services.list",
"servicedirectory.services.resolve",
"servicedirectory.services.update",
"servicehealth.artifacts.get",
"servicehealth.events.get",
"servicehealth.events.list",
"servicehealth.locations.get",
Expand Down
6 changes: 6 additions & 0 deletions roles/iam.securityReviewer
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,6 +66,9 @@
"aiplatform.operations.list",
"aiplatform.persistentResources.list",
"aiplatform.pipelineJobs.list",
"aiplatform.provisionedThroughputs.list",
"aiplatform.ragCorpora.list",
"aiplatform.ragFiles.list",
"aiplatform.reasoningEngines.list",
"aiplatform.schedules.list",
"aiplatform.sessions.list",
Expand Down Expand Up @@ -832,6 +835,8 @@
"datafusion.instances.getIamPolicy",
"datafusion.instances.list",
"datafusion.locations.list",
"datafusion.namespaces.getIamPolicy",
"datafusion.namespaces.list",
"datafusion.operations.list",
"datafusion.pipelineConnections.list",
"datafusion.pipelines.list",
Expand Down Expand Up @@ -1420,6 +1425,7 @@
"netapp.kmsConfigs.list",
"netapp.locations.list",
"netapp.operations.list",
"netapp.quotaRules.list",
"netapp.replications.list",
"netapp.snapshots.list",
"netapp.storagePools.list",
Expand Down
1 change: 1 addition & 0 deletions roles/securitycentermanagement.settingsEditor
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@
"securitycentermanagement.securityCommandCenter.activate",
"securitycentermanagement.securityCommandCenter.checkActivationOperation",
"securitycentermanagement.securityCommandCenter.checkEligibility",
"securitycentermanagement.securityCommandCenter.checkOnboardingStatus",
"securitycentermanagement.securityCommandCenter.generateServiceAccounts",
"securitycentermanagement.securityCommandCenter.get",
"securitycentermanagement.securityCommandCenter.update",
Expand Down
1 change: 1 addition & 0 deletions roles/servicehealth.viewer
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@
"includedPermissions": [
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"servicehealth.artifacts.get",
"servicehealth.events.get",
"servicehealth.events.list",
"servicehealth.locations.get",
Expand Down
16 changes: 16 additions & 0 deletions roles/viewer
View file
Original file line number Diff line number Diff line change
Expand Up @@ -107,6 +107,7 @@
"aiplatform.indexEndpoints.queryVectors",
"aiplatform.indexes.get",
"aiplatform.indexes.list",
"aiplatform.locations.evaluateInstances",
"aiplatform.locations.get",
"aiplatform.locations.list",
"aiplatform.metadataSchemas.get",
Expand Down Expand Up @@ -146,6 +147,12 @@
"aiplatform.persistentResources.list",
"aiplatform.pipelineJobs.get",
"aiplatform.pipelineJobs.list",
"aiplatform.provisionedThroughputs.list",
"aiplatform.ragCorpora.get",
"aiplatform.ragCorpora.list",
"aiplatform.ragCorpora.query",
"aiplatform.ragFiles.get",
"aiplatform.ragFiles.list",
"aiplatform.reasoningEngines.get",
"aiplatform.reasoningEngines.list",
"aiplatform.reasoningEngines.query",
Expand Down Expand Up @@ -2078,6 +2085,9 @@
"datafusion.instances.listTagBindings",
"datafusion.locations.get",
"datafusion.locations.list",
"datafusion.namespaces.get",
"datafusion.namespaces.getIamPolicy",
"datafusion.namespaces.list",
"datafusion.operations.get",
"datafusion.operations.list",
"datafusion.pipelineConnections.get",
Expand Down Expand Up @@ -2121,6 +2131,7 @@
"datamigration.locations.get",
"datamigration.locations.list",
"datamigration.mappingrules.getIamPolicy",
"datamigration.migrationjobs.fetchSourceObjects",
"datamigration.migrationjobs.get",
"datamigration.migrationjobs.getIamPolicy",
"datamigration.migrationjobs.list",
Expand Down Expand Up @@ -3338,6 +3349,8 @@
"netapp.locations.list",
"netapp.operations.get",
"netapp.operations.list",
"netapp.quotaRules.get",
"netapp.quotaRules.list",
"netapp.replications.get",
"netapp.replications.list",
"netapp.snapshots.get",
Expand Down Expand Up @@ -3980,6 +3993,7 @@
"retail.branches.list",
"retail.catalogs.completeQuery",
"retail.catalogs.exportAnalyticsMetrics",
"retail.catalogs.get",
"retail.catalogs.list",
"retail.controls.export",
"retail.controls.get",
Expand Down Expand Up @@ -4158,6 +4172,7 @@
"securitycentermanagement.securityCenterServices.list",
"securitycentermanagement.securityCommandCenter.checkActivationOperation",
"securitycentermanagement.securityCommandCenter.checkEligibility",
"securitycentermanagement.securityCommandCenter.checkOnboardingStatus",
"securitycentermanagement.securityCommandCenter.get",
"securitycentermanagement.securityHealthAnalyticsCustomModules.get",
"securitycentermanagement.securityHealthAnalyticsCustomModules.list",
Expand Down Expand Up @@ -4203,6 +4218,7 @@
"servicedirectory.services.getIamPolicy",
"servicedirectory.services.list",
"servicedirectory.services.resolve",
"servicehealth.artifacts.get",
"servicehealth.events.get",
"servicehealth.events.list",
"servicehealth.locations.get",
Expand Down

0 comments on commit 94e4a0b

Please sign in to comment.