Skip to content

Commit

Permalink
GCP IAM Updates Detected
Browse files Browse the repository at this point in the history
  • Loading branch information
@jdyke
jdyke committed Nov 15, 2024
1 parent a93af39 commit a15602c
Show file tree
Hide file tree
Showing 11 changed files with 37 additions and 1 deletion.
7 changes: 7 additions & 0 deletions roles/chronicle.restrictedDataAccessViewer
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,8 @@
"chronicle.operations.list",
"chronicle.operations.streamSearch",
"chronicle.operations.wait",
"chronicle.preferenceSets.get",
"chronicle.preferenceSets.update",
"chronicle.referenceLists.get",
"chronicle.referenceLists.list",
"chronicle.referenceLists.verifyReferenceList",
Expand All @@ -80,6 +82,11 @@
"chronicle.rules.list",
"chronicle.rules.listRevisions",
"chronicle.rules.verifyRuleText",
"chronicle.searchQueries.create",
"chronicle.searchQueries.delete",
"chronicle.searchQueries.get",
"chronicle.searchQueries.list",
"chronicle.searchQueries.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
Expand Down
3 changes: 2 additions & 1 deletion roles/chronicle.viewer
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,8 @@
"chronicle.dataTables.list",
"chronicle.dataTaps.get",
"chronicle.dataTaps.list",
"chronicle.enrichmentControls.get",
"chronicle.enrichmentControls.list",
"chronicle.entities.find",
"chronicle.entities.findRelatedEntities",
"chronicle.entities.get",
Expand Down Expand Up @@ -103,7 +105,6 @@
"chronicle.legacies.legacyGetRuleCounts",
"chronicle.legacies.legacyGetRulesTrends",
"chronicle.legacies.legacyRunTestRule",
"chronicle.legacies.legacySearchAlerts",
"chronicle.legacies.legacySearchArtifactEvents",
"chronicle.legacies.legacySearchArtifactIoCDetails",
"chronicle.legacies.legacySearchAssetEvents",
Expand Down
4 changes: 4 additions & 0 deletions roles/composer.serviceAgent
View file
Original file line number Diff line number Diff line change
Expand Up @@ -464,6 +464,8 @@
"compute.networkEndpointGroups.listEffectiveTags",
"compute.networkEndpointGroups.listTagBindings",
"compute.networkEndpointGroups.use",
"compute.networkProfiles.get",
"compute.networkProfiles.list",
"compute.networks.access",
"compute.networks.addPeering",
"compute.networks.create",
Expand Down Expand Up @@ -681,6 +683,7 @@
"compute.snapshots.setIamPolicy",
"compute.snapshots.setLabels",
"compute.snapshots.useReadOnly",
"compute.spotAssistants.get",
"compute.sslCertificates.get",
"compute.sslCertificates.list",
"compute.sslCertificates.listEffectiveTags",
Expand Down Expand Up @@ -715,6 +718,7 @@
"compute.subnetworks.update",
"compute.subnetworks.use",
"compute.subnetworks.useExternalIp",
"compute.subnetworks.usePeerMigration",
"compute.targetGrpcProxies.create",
"compute.targetGrpcProxies.createTagBinding",
"compute.targetGrpcProxies.delete",
Expand Down
4 changes: 4 additions & 0 deletions roles/container.serviceAgent
View file
Original file line number Diff line number Diff line change
Expand Up @@ -426,6 +426,8 @@
"compute.networkEndpointGroups.listEffectiveTags",
"compute.networkEndpointGroups.listTagBindings",
"compute.networkEndpointGroups.use",
"compute.networkProfiles.get",
"compute.networkProfiles.list",
"compute.networks.access",
"compute.networks.addPeering",
"compute.networks.create",
Expand Down Expand Up @@ -676,6 +678,7 @@
"compute.snapshots.setIamPolicy",
"compute.snapshots.setLabels",
"compute.snapshots.useReadOnly",
"compute.spotAssistants.get",
"compute.sslCertificates.create",
"compute.sslCertificates.createTagBinding",
"compute.sslCertificates.delete",
Expand Down Expand Up @@ -719,6 +722,7 @@
"compute.subnetworks.update",
"compute.subnetworks.use",
"compute.subnetworks.useExternalIp",
"compute.subnetworks.usePeerMigration",
"compute.targetGrpcProxies.create",
"compute.targetGrpcProxies.createTagBinding",
"compute.targetGrpcProxies.delete",
Expand Down
3 changes: 3 additions & 0 deletions roles/dialogflow.serviceAgent
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,8 +46,11 @@
"dialogflow.conversationDatasets.list",
"dialogflow.conversationModels.get",
"dialogflow.conversationModels.list",
"dialogflow.conversationProfiles.create",
"dialogflow.conversationProfiles.delete",
"dialogflow.conversationProfiles.get",
"dialogflow.conversationProfiles.list",
"dialogflow.conversationProfiles.update",
"dialogflow.conversations.addPhoneNumber",
"dialogflow.conversations.complete",
"dialogflow.conversations.create",
Expand Down
3 changes: 3 additions & 0 deletions roles/discoveryengine.admin
View file
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,9 @@
"discoveryengine.siteSearchEngines.fetchDomainVerificationStatus",
"discoveryengine.siteSearchEngines.get",
"discoveryengine.siteSearchEngines.recrawlUris",
"discoveryengine.sitemaps.create",
"discoveryengine.sitemaps.delete",
"discoveryengine.sitemaps.fetch",
"discoveryengine.suggestionDenyListEntries.import",
"discoveryengine.suggestionDenyListEntries.purge",
"discoveryengine.targetSites.batchCreate",
Expand Down
3 changes: 3 additions & 0 deletions roles/genomics.serviceAgent
View file
Original file line number Diff line number Diff line change
Expand Up @@ -261,6 +261,8 @@
"compute.networkEndpointGroups.listEffectiveTags",
"compute.networkEndpointGroups.listTagBindings",
"compute.networkEndpointGroups.use",
"compute.networkProfiles.get",
"compute.networkProfiles.list",
"compute.networks.get",
"compute.networks.list",
"compute.networks.listEffectiveTags",
Expand Down Expand Up @@ -359,6 +361,7 @@
"compute.snapshots.setIamPolicy",
"compute.snapshots.setLabels",
"compute.snapshots.useReadOnly",
"compute.spotAssistants.get",
"compute.sslCertificates.get",
"compute.sslCertificates.list",
"compute.sslCertificates.listEffectiveTags",
Expand Down
1 change: 1 addition & 0 deletions roles/iam.principalAccessBoundaryAdmin
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
"etag": "AA==",
"includedPermissions": [
"cloudasset.assets.listResource",
"cloudasset.assets.searchAllResources",
"iam.principalaccessboundarypolicies.bind",
"iam.principalaccessboundarypolicies.create",
"iam.principalaccessboundarypolicies.delete",
Expand Down
4 changes: 4 additions & 0 deletions roles/notebooks.legacyAdmin
View file
Original file line number Diff line number Diff line change
Expand Up @@ -419,6 +419,8 @@
"compute.networkEndpointGroups.listEffectiveTags",
"compute.networkEndpointGroups.listTagBindings",
"compute.networkEndpointGroups.use",
"compute.networkProfiles.get",
"compute.networkProfiles.list",
"compute.networks.access",
"compute.networks.addPeering",
"compute.networks.create",
Expand Down Expand Up @@ -720,6 +722,7 @@
"compute.snapshots.setIamPolicy",
"compute.snapshots.setLabels",
"compute.snapshots.useReadOnly",
"compute.spotAssistants.get",
"compute.sslCertificates.create",
"compute.sslCertificates.createTagBinding",
"compute.sslCertificates.delete",
Expand Down Expand Up @@ -763,6 +766,7 @@
"compute.subnetworks.update",
"compute.subnetworks.use",
"compute.subnetworks.useExternalIp",
"compute.subnetworks.usePeerMigration",
"compute.targetGrpcProxies.create",
"compute.targetGrpcProxies.createTagBinding",
"compute.targetGrpcProxies.delete",
Expand Down
1 change: 1 addition & 0 deletions roles/policyanalyzer.activityAnalysisViewer
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@
"description": "Viewer user that can read all activity analysis.",
"etag": "AA==",
"includedPermissions": [
"policyanalyzer.resourceAuthorizationActivities.query",
"policyanalyzer.serviceAccountKeyLastAuthenticationActivities.query",
"policyanalyzer.serviceAccountLastAuthenticationActivities.query"
],
Expand Down
5 changes: 5 additions & 0 deletions roles/redis.editor
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,11 @@
"etag": "AA==",
"includedPermissions": [
"compute.networks.list",
"redis.backupCollections.get",
"redis.backupCollections.list",
"redis.backups.get",
"redis.backups.list",
"redis.clusters.backup",
"redis.clusters.get",
"redis.clusters.list",
"redis.clusters.update",
Expand Down

0 comments on commit a15602c

Please sign in to comment.