Skip to content

Commit

Permalink
audit: QQ kubernetes-public: why cloudfunctions and source enabled?
Browse files Browse the repository at this point in the history
  • Loading branch information
@spiffxp
spiffxp committed Jan 15, 2021
1 parent eb88737 commit d3ad9b7
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 1 deletion.
15 changes: 14 additions & 1 deletion audit/projects/kubernetes-public/iam.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,12 @@
],
"role": "roles/bigquery.jobUser"
},
{
"members": [
"serviceAccount:[email protected]"
],
"role": "roles/cloudfunctions.serviceAgent"
},
{
"members": [
"group:[email protected]"
Expand Down Expand Up @@ -65,6 +71,7 @@
"members": [
"serviceAccount:[email protected]",
"serviceAccount:[email protected]",
"serviceAccount:[email protected]",
"serviceAccount:[email protected]"
],
"role": "roles/editor"
Expand Down Expand Up @@ -93,6 +100,12 @@
],
"role": "roles/logging.logWriter"
},
{
"members": [
"group:[email protected]"
],
"role": "roles/logging.privateLogViewer"
},
{
"members": [
"serviceAccount:[email protected]"
Expand All @@ -101,7 +114,7 @@
},
{
"members": [
"serviceAccount:gke-nodes-aaa@kubernetes-public.iam.gserviceaccount.com"
"group:gke-security-groups@kubernetes.io"
],
"role": "roles/monitoring.viewer"
},
Expand Down
2 changes: 2 additions & 0 deletions audit/projects/kubernetes-public/services/enabled.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ bigquery.googleapis.com BigQuery API
bigquery.googleapis.com BigQuery API
bigquerystorage.googleapis.com BigQuery Storage API
clouderrorreporting.googleapis.com Error Reporting API
cloudfunctions.googleapis.com Cloud Functions API
cloudresourcemanager.googleapis.com Cloud Resource Manager API
cloudshell.googleapis.com Cloud Shell API
compute.googleapis.com Compute Engine API
Expand All @@ -17,6 +18,7 @@ oslogin.googleapis.com Cloud OS Login API
pubsub.googleapis.com Cloud Pub/Sub API
secretmanager.googleapis.com Secret Manager API
serviceusage.googleapis.com Service Usage API
source.googleapis.com Legacy Cloud Source Repositories API
stackdriver.googleapis.com Stackdriver API
storage-api.googleapis.com Google Cloud Storage JSON API
storage-component.googleapis.com Cloud Storage

0 comments on commit d3ad9b7

Please sign in to comment.