audit as of 2020-02-17

audit/org_kubernetes.io/iam.json

@@ -72,6 +72,7 @@
         "group:[email protected]",
         "user:[email protected]",
         "user:[email protected]",
+        "user:[email protected]",
         "user:[email protected]",
         "user:[email protected]",
         "user:[email protected]"
@@ -96,6 +97,12 @@
       ],
       "role": "roles/resourcemanager.projectDeleter"
     },
+    {
+      "members": [
+        "group:[email protected]"
+      ],
+      "role": "roles/secretmanager.viewer"
+    },
     {
       "members": [
         "group:[email protected]"

audit/projects/k8s-artifacts-prod-bak/services/compute/project-info.json

@@ -113,6 +113,10 @@
       "limit": 200,
       "metric": "SECURITY_POLICY_RULES"
     },
+    {
+      "limit": 1000,
+      "metric": "XPN_SERVICE_PROJECTS"
+    },
     {
       "limit": 150,
       "metric": "PACKET_MIRRORINGS"

audit/projects/k8s-artifacts-prod/services/compute/project-info.json

@@ -113,6 +113,10 @@
       "limit": 200,
       "metric": "SECURITY_POLICY_RULES"
     },
+    {
+      "limit": 1000,
+      "metric": "XPN_SERVICE_PROJECTS"
+    },
     {
       "limit": 150,
       "metric": "PACKET_MIRRORINGS"

audit/projects/k8s-cip-test-prod/services/compute/project-info.json

@@ -113,6 +113,10 @@
       "limit": 200,
       "metric": "SECURITY_POLICY_RULES"
     },
+    {
+      "limit": 1000,
+      "metric": "XPN_SERVICE_PROJECTS"
+    },
     {
       "limit": 150,
       "metric": "PACKET_MIRRORINGS"

audit/projects/k8s-conform/buckets/k8s-conform-provider-openstack/bucketpolicyonly.txt

@@ -0,0 +1,4 @@
+Bucket Policy Only setting for gs://k8s-conform-provider-openstack:
+  Enabled: True
+  LockedTime: 2021-05-16 15:12:16.571000+00:00
+

audit/projects/k8s-conform/buckets/k8s-conform-provider-openstack/cors.txt

@@ -0,0 +1 @@
+gs://k8s-conform-provider-openstack/ has no CORS configuration.

audit/projects/k8s-conform/buckets/k8s-conform-provider-openstack/iam.json

@@ -0,0 +1,39 @@
+{
+  "bindings": [
+    {
+      "members": [
+        "group:[email protected]",
+        "projectEditor:k8s-conform",
+        "projectOwner:k8s-conform"
+      ],
+      "role": "roles/storage.legacyBucketOwner"
+    },
+    {
+      "members": [
+        "projectViewer:k8s-conform"
+      ],
+      "role": "roles/storage.legacyBucketReader"
+    },
+    {
+      "members": [
+        "group:[email protected]",
+        "serviceAccount:[email protected]"
+      ],
+      "role": "roles/storage.legacyBucketWriter"
+    },
+    {
+      "members": [
+        "group:[email protected]",
+        "group:[email protected]",
+        "serviceAccount:[email protected]"
+      ],
+      "role": "roles/storage.objectAdmin"
+    },
+    {
+      "members": [
+        "allUsers"
+      ],
+      "role": "roles/storage.objectViewer"
+    }
+  ]
+}

audit/projects/k8s-conform/buckets/k8s-conform-provider-openstack/logging.txt

@@ -0,0 +1 @@
+gs://k8s-conform-provider-openstack/ has no logging configuration.

audit/projects/k8s-conform/secrets/service-provider-openstack-key/description.json

@@ -0,0 +1,7 @@
+{
+  "createTime": "2021-02-15T15:18:08.840992Z",
+  "name": "projects/228988630781/secrets/service-provider-openstack-key",
+  "replication": {
+    "automatic": {}
+  }
+}

audit/projects/k8s-infra-prow-build-trusted/secrets/windows-remote-docker_ca-pem/iam.json → audit/projects/k8s-conform/secrets/service-provider-openstack-key/iam.json

@@ -2,7 +2,7 @@
   "bindings": [
     {
       "members": [
-        "serviceAccount:[email protected]"
+        "group:[email protected]"
       ],
       "role": "roles/secretmanager.secretAccessor"
     }

audit/projects/k8s-conform/secrets/service-provider-openstack-key/versions.json

@@ -0,0 +1,10 @@
+[
+  {
+    "createTime": "2021-02-15T15:18:09.874889Z",
+    "name": "projects/228988630781/secrets/service-provider-openstack-key/versions/1",
+    "replicationStatus": {
+      "automatic": {}
+    },
+    "state": "ENABLED"
+  }
+]

audit/projects/k8s-conform/service-accounts/service-provider-openstack@k8s-conform.iam.gserviceaccount.com/description.json

@@ -0,0 +1,8 @@
+{
+  "displayName": "service-provider-openstack",
+  "email": "[email protected]",
+  "name": "projects/k8s-conform/serviceAccounts/[email protected]",
+  "oauth2ClientId": "114482259319052246948",
+  "projectId": "k8s-conform",
+  "uniqueId": "114482259319052246948"
+}

audit/projects/k8s-conform/service-accounts/service-provider-openstack@k8s-conform.iam.gserviceaccount.com/iam.json

@@ -0,0 +1 @@
+{}

audit/projects/k8s-conform/services/compute/project-info.json

@@ -113,6 +113,10 @@
       "limit": 200,
       "metric": "SECURITY_POLICY_RULES"
     },
+    {
+      "limit": 1000,
+      "metric": "XPN_SERVICE_PROJECTS"
+    },
     {
       "limit": 150,
       "metric": "PACKET_MIRRORINGS"

audit/projects/k8s-gcr-audit-test-prod/services/compute/project-info.json

@@ -113,6 +113,10 @@
       "limit": 200,
       "metric": "SECURITY_POLICY_RULES"
     },
+    {
+      "limit": 1000,
+      "metric": "XPN_SERVICE_PROJECTS"
+    },
     {
       "limit": 150,
       "metric": "PACKET_MIRRORINGS"

audit/projects/k8s-gcr-backup-test-prod-bak/services/compute/project-info.json

@@ -113,6 +113,10 @@
       "limit": 200,
       "metric": "SECURITY_POLICY_RULES"
     },
+    {
+      "limit": 1000,
+      "metric": "XPN_SERVICE_PROJECTS"
+    },
     {
       "limit": 150,
       "metric": "PACKET_MIRRORINGS"

audit/projects/k8s-infra-e2e-boskos-001/iam.json

@@ -12,6 +12,12 @@
       ],
       "role": "roles/compute.serviceAgent"
     },
+    {
+      "members": [
+        "serviceAccount:[email protected]"
+      ],
+      "role": "roles/containerregistry.ServiceAgent"
+    },
     {
       "members": [
         "serviceAccount:[email protected]",

audit/projects/k8s-infra-e2e-boskos-001/services/compute/project-info.json

@@ -119,6 +119,10 @@
       "limit": 200,
       "metric": "SECURITY_POLICY_RULES"
     },
+    {
+      "limit": 1000,
+      "metric": "XPN_SERVICE_PROJECTS"
+    },
     {
       "limit": 150,
       "metric": "PACKET_MIRRORINGS"

audit/projects/k8s-infra-e2e-boskos-001/services/enabled.txt

@@ -1,6 +1,9 @@
 NAME                              TITLE
 compute.googleapis.com            Compute Engine API
+containerregistry.googleapis.com  Container Registry API
 logging.googleapis.com            Cloud Logging API
 monitoring.googleapis.com         Cloud Monitoring API
 oslogin.googleapis.com            Cloud OS Login API
+pubsub.googleapis.com             Cloud Pub/Sub API
+storage-api.googleapis.com        Google Cloud Storage JSON API
 storage-component.googleapis.com  Cloud Storage

audit/projects/k8s-infra-e2e-boskos-002/iam.json

@@ -12,6 +12,12 @@
       ],
       "role": "roles/compute.serviceAgent"
     },
+    {
+      "members": [
+        "serviceAccount:[email protected]"
+      ],
+      "role": "roles/containerregistry.ServiceAgent"
+    },
     {
       "members": [
         "serviceAccount:[email protected]",

audit/projects/k8s-infra-e2e-boskos-002/services/compute/project-info.json

@@ -3,7 +3,7 @@
     "items": [
       {
         "key": "ssh-keys",
-        "value": "prow:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmYxHh/wwcV0P1aChuFLpl28w6DFyc7G5Xrw1F8wH1Re9AdxyemM2bTZ/PhsP3u9VDnNbyOw3UN00VFdumkFLjLf1WQ7Q6rZDlPjlw7urBIvAMqUecY6ae1znqsZ0dMBxOuPXHznlnjLjM5b7O7q5WsQMCA9Szbmz6DsuSyCuX0It2osBTN+8P/Fa6BNh3W8AF60M7L8/aUzLfbXVS2LIQKAHHD8CWqvXhLPuTJ03iSwFvgtAK1/J2XJwUP+OzAFrxj6A9LW5ZZgk3R3kRKr0xT/L7hga41rB1qy8Uz+Xr/PTVMNGW+nmU4bPgFchCK0JBK7B12ZcdVVFUEdpaAiKZ prow\nprow:prow:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmYxHh/wwcV0P1aChuFLpl28w6DFyc7G5Xrw1F8wH1Re9AdxyemM2bTZ/PhsP3u9VDnNbyOw3UN00VFdumkFLjLf1WQ7Q6rZDlPjlw7urBIvAMqUecY6ae1znqsZ0dMBxOuPXHznlnjLjM5b7O7q5WsQMCA9Szbmz6DsuSyCuX0It2osBTN+8P/Fa6BNh3W8AF60M7L8/aUzLfbXVS2LIQKAHHD8CWqvXhLPuTJ03iSwFvgtAK1/J2XJwUP+OzAFrxj6A9LW5ZZgk3R3kRKr0xT/L7hga41rB1qy8Uz+Xr/PTVMNGW+nmU4bPgFchCK0JBK7B12ZcdVVFUEdpaAiKZ prow\nkubetest2:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6/mgA+HoI/URzKgNUO09IL+MRFtKAkXSxPSixv1GmJMslTckIZIHIvdR/fBHKKmqISSGtCcILl13sA42Wjiq4DQNOPmDdanyMUwySLnj/aLmmgnCX6YlIE3HeypSiwya4KKSNmC6LQB9/XRy4CGBx6dGIkYO2Mt9/yX9Dy0hMVaYeWzzDCO95QIUC2DzMLbWz2C/ltFP9KqGOVjHRsZ+leGkm0p+j3ZHi/BqjKcLvXXd8ZpOgWsAneuBnhMpYgznwBtq60Qzbjt3QrxVMPRaC89kqoIY4hyuGGxFKoS7nFSnPzZPhhArPeruGCb7JAMcY73+8DbistawHUTuagxxh root@d100e387-e38a-11ea-99eb-2ebeded86955\nkubetest2:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKa9+LzzP9XnO0gvq6c40OKH3G28v6wKSSGZlZkE3BnMCn6IGo0YVSX8MgInOnCHTdxdRpd0zLL4khGr31aECphsoWGSNTTkUHj6hk0PJiOmhRXvu6U5IJis5ZtHRB+fAgr+Yy+I11XeW6Q81SnCiHNL3A/ONxTWAJy4zyMdLi9JM5UWys0eD+jN4znq/4Zv2OvkkRNNOtDk1ePrTNm8QXJShBQIoIdeavk7glj7b851b2zgYxVO7PF7ttzP+tpEMYmOzy1z15+8ozBFkrss8y0XI5sBIcIrGWePa8QVOkIrlZk7+UIUh0lj6/+Cgrt+mkdY1xM/IkevdMcHTDOOZb root@85a4af12-ed38-11ea-aebe-3e85ddc86bf2\nkubetest2:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDmHnrzoLjrchPN1xtrVYg36k9VsjoywnvLc0Oxvp831Ppsv4QwmkPFJFT6BdiwXxaIYyLNqh4hbemFMHDtUUuBhaQ2xahdP6rjoLb5oDnUxQ00r9lsc3WIAnhvK29Mdy+OunzMkevKmcTd+/u8xzWTGAT3eB+Il70g6KtH6H6vhPLDCZPtM6DuHGwLHji4hHq4kYAysLwgWIu3T+85Vsua4vylJfMMJI+Jj8uoetD1BaNVETfuhWSFVtT81OtO9PJ6Ot9OK66gMh2P0dcMgVhQy/zyZZhrz6k83uEo94sjnQ7MGztRAQrOUqd5g10V57/Z7Mxy5JIunma/8P0Yrd+f root@eefad147-f805-11ea-872a-bae3dc204648\nkubetest2:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDZXZiD6FcOjEijTwytqiEQgXOXTpV+atO+Lyz0MOVX9vs/H7JsBMppdWG2hnyQegmuTeinN2Sso/aMROjfiUdl6Wn4PIwuXTSuH4SVcQlksnw8LskXaARLlDH2zbwzktJpIhIBg1sy12SwataADR64Go2n9Hy1HMn5pASVZtFWxBW2pQw55BhV7QxCp4cWk9khXbCchY3afmwlORdPZKvGXuRliS+hxk+vf/TXzTvz/KIo7IvDHAABuz3wQyweLeXHlww90Y2lrBQn9ZCjDP19SFF1wC0UMkFVX/oPoMPmkmni+hZNSo+8oj3ZME4AIubSM7TKwSMZF3zgiusGU6np root@ab8a1788-0541-11eb-9dc4-ba187aea6a9a\nkubetest2:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKCunZZi34boNOwg4HeqfoszJQS9UVojNFC10C1NJG1kdpp5bTX6OXjtkgw4N+dOgYfIFPGyTDGb1ILWI0Ok0xPFoyEPwi7bRYl3SBX7P7K6cPRqhXuBATJEPrx80/WQH2XWHi43OPcmnqpJHbzEkDO4hG05yYwbE1I70hQLATT/SiTQ9yvRg1n6OOPPvK6BmUYzKZwemRnNk+hSla0jyN8a9o5oNcpMfcUZw8MGPYuSWdjeY5DvXMHxNqg4jPkBe7ez3Y4Zo9lJ66Repb92CNrzkEJ28dnFFRFxE0HDTwoY5qO/XMtNFbMZX0ZNLxOnFj5uf/30tbl1qt02cs7qfR root@e9171581-0bf8-11eb-82af-de22b9665164\nkubetest2:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVcSEIeIV9wTFjoMMe7P5/KwLCoFXKB9Kcx1R4g4lnHNLEy6ApGqKd3IoZPi7DTyWKJ9VuHgWWtyXiR736iUgkOfvImfNElRh1cNc9u100yaY0JoIzDxE0HAxu4RMUXBSrnm4j2cawHoKsX/yL68yvcAoL36uCqUG+a7RI+j2mnWSV9MZ3Xw8nRVWmUA4BPzk5M0tJqOjACHyv6Jmq4AmX03iJkMDx+d0YK3Iv5w/EFSOAgy+AUZBRcbs5R5FHmGXyw38oE7BhbX3ZH7EAMrBaost7uc49baLe4NfPIBGMir+L1V9kbrKBxpmyYWZMUCKacPLr6omQGH2i2CndSVeJ root@b42f084a-2850-11eb-a35d-7a1d48297fba\nkubetest2:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVexUw3IlQi+aI3HCLpwamvbPNDOc/fQzQIm8Wb8cULwlgklOHYB0J1+tmRBkp6pBxk3kQYDiTb9J5TdD9ixZ1FpFdht422OaIQImnA/VJmY6kwLkc2XfEHnUTLwoJereJiT5VTStAFxv4t8NtCfLyq8OEVrsHa7+1XbwKJV8ouBkGT0NNuqeWzUYkOJS9KnKN30ZvOG2yImsmczwKGmZmxr+zA8vr5i93CleeEJFQ1dkmnRlzuIhqKtrQES5rYEIhQCrNvKJHBnXGxLk/Z7aZPA/pxma/Tt2uTTbLfjz4uhHKRF4tXBBzuGECq69HpdyDscisn6KSpmvNqygCUYiH root@cbeff39b-2f53-11eb-84c2-b68ef41a6728\nkubetest2:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCrc5be9JBic30Sw3kZU8v047C7yIgC/V0IRv5OjlgUNP+TC1D9jpMluWka5p2FiqLG52sAXqOlOd45FgwoNLaI6mZUXj4tC8LTKN+8xkSxGhHP67BewbKqUKUmLcxKPkjSPOVO+5YwBMdI+zzdjgi/z9fuweckHY/wnCjqG7QqvrW+7xYetf8aIEhK7bF08XZtOtGXsSfU/4FHKboBoRRBeihhdpn6AuP+rPCW4CI8BeRgvGvZlWcOu9Cf0IJEExr8cnXcCBUqMWIJDSKDTzgJv/RfovlNOF4upqcD/Y342gN+Jkf93aT6ElEsg3mRjLEGPX6FqKtLV0FDT/Ozq9sV root@ee5a9600-348f-11eb-84c2-b68ef41a6728\nkubetest2:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9DCJFIGiCtRqp0C8hj0R8ocVNC/0jgOlMAN3+DDDWWszxI8cGgkg8TRQ8XJy6/0y0nvEgFmhFqbm6n4ELrsMyvbnwkpC4VimGOtDDP+GFlftLiVnpqFarCpAOV4rG/5908e+thQQR1CX2FPXPci1IWxzqGC3jT/m3CwKV+/3bHeulF5Ssd+IgP6zPhwVwpXK0sARhhYLz9rhydIJlalY/QBy5N/DER5Zh/p25k/UdJaX2Q0G2XEu38cKhJGJRJzs13jnr+IIC/ZEqpAt2bQEFh/OvHUARSO/4wAz9xpOqcNR5HfKKbJfCQHGWL7+yDD2Hj8s5m+SRPk5zC8SniLR5 root@1542b757-4d0e-11eb-af93-4e5abfa0c065\nkubetest2:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDHfeGFST+2Mwvmnw+xz6InE2vck0LBPchjHYqaVB+Yf2k+h5ROtq4CCCfKVlsG+/e9FNT/5DX+kv4O4p2vW3e8FbdE2iOXh8sVSHzvbCm95lwmKwlTbkiMHOdo96KvfxjOfUI+EuwKnpSm38t6exnEycrlF0lDPIEU+bLgVjamVH4ays3erl/cJiesWQOxyhXLUuLDGlGpMoR1+r4xyXL+BwboFaGY6n3oGOQJA1D2xnTF3YSF4SE+eAGsOdGIDhjrLGQQ9U/q+gR/y20znJD8VVewchYM5KM7fHVZg+wfDPNhCjmVqWkrQOfiukSG7Ajbe1BymEfPYKneeSy6guq3 root@b309703e-5069-11eb-bf1b-5279f1a59a83"
+        "value": "prow:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmYxHh/wwcV0P1aChuFLpl28w6DFyc7G5Xrw1F8wH1Re9AdxyemM2bTZ/PhsP3u9VDnNbyOw3UN00VFdumkFLjLf1WQ7Q6rZDlPjlw7urBIvAMqUecY6ae1znqsZ0dMBxOuPXHznlnjLjM5b7O7q5WsQMCA9Szbmz6DsuSyCuX0It2osBTN+8P/Fa6BNh3W8AF60M7L8/aUzLfbXVS2LIQKAHHD8CWqvXhLPuTJ03iSwFvgtAK1/J2XJwUP+OzAFrxj6A9LW5ZZgk3R3kRKr0xT/L7hga41rB1qy8Uz+Xr/PTVMNGW+nmU4bPgFchCK0JBK7B12ZcdVVFUEdpaAiKZ prow\nprow:prow:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmYxHh/wwcV0P1aChuFLpl28w6DFyc7G5Xrw1F8wH1Re9AdxyemM2bTZ/PhsP3u9VDnNbyOw3UN00VFdumkFLjLf1WQ7Q6rZDlPjlw7urBIvAMqUecY6ae1znqsZ0dMBxOuPXHznlnjLjM5b7O7q5WsQMCA9Szbmz6DsuSyCuX0It2osBTN+8P/Fa6BNh3W8AF60M7L8/aUzLfbXVS2LIQKAHHD8CWqvXhLPuTJ03iSwFvgtAK1/J2XJwUP+OzAFrxj6A9LW5ZZgk3R3kRKr0xT/L7hga41rB1qy8Uz+Xr/PTVMNGW+nmU4bPgFchCK0JBK7B12ZcdVVFUEdpaAiKZ prow\nkubetest2:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6/mgA+HoI/URzKgNUO09IL+MRFtKAkXSxPSixv1GmJMslTckIZIHIvdR/fBHKKmqISSGtCcILl13sA42Wjiq4DQNOPmDdanyMUwySLnj/aLmmgnCX6YlIE3HeypSiwya4KKSNmC6LQB9/XRy4CGBx6dGIkYO2Mt9/yX9Dy0hMVaYeWzzDCO95QIUC2DzMLbWz2C/ltFP9KqGOVjHRsZ+leGkm0p+j3ZHi/BqjKcLvXXd8ZpOgWsAneuBnhMpYgznwBtq60Qzbjt3QrxVMPRaC89kqoIY4hyuGGxFKoS7nFSnPzZPhhArPeruGCb7JAMcY73+8DbistawHUTuagxxh root@d100e387-e38a-11ea-99eb-2ebeded86955\nkubetest2:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKa9+LzzP9XnO0gvq6c40OKH3G28v6wKSSGZlZkE3BnMCn6IGo0YVSX8MgInOnCHTdxdRpd0zLL4khGr31aECphsoWGSNTTkUHj6hk0PJiOmhRXvu6U5IJis5ZtHRB+fAgr+Yy+I11XeW6Q81SnCiHNL3A/ONxTWAJy4zyMdLi9JM5UWys0eD+jN4znq/4Zv2OvkkRNNOtDk1ePrTNm8QXJShBQIoIdeavk7glj7b851b2zgYxVO7PF7ttzP+tpEMYmOzy1z15+8ozBFkrss8y0XI5sBIcIrGWePa8QVOkIrlZk7+UIUh0lj6/+Cgrt+mkdY1xM/IkevdMcHTDOOZb root@85a4af12-ed38-11ea-aebe-3e85ddc86bf2\nkubetest2:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDmHnrzoLjrchPN1xtrVYg36k9VsjoywnvLc0Oxvp831Ppsv4QwmkPFJFT6BdiwXxaIYyLNqh4hbemFMHDtUUuBhaQ2xahdP6rjoLb5oDnUxQ00r9lsc3WIAnhvK29Mdy+OunzMkevKmcTd+/u8xzWTGAT3eB+Il70g6KtH6H6vhPLDCZPtM6DuHGwLHji4hHq4kYAysLwgWIu3T+85Vsua4vylJfMMJI+Jj8uoetD1BaNVETfuhWSFVtT81OtO9PJ6Ot9OK66gMh2P0dcMgVhQy/zyZZhrz6k83uEo94sjnQ7MGztRAQrOUqd5g10V57/Z7Mxy5JIunma/8P0Yrd+f root@eefad147-f805-11ea-872a-bae3dc204648\nkubetest2:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDZXZiD6FcOjEijTwytqiEQgXOXTpV+atO+Lyz0MOVX9vs/H7JsBMppdWG2hnyQegmuTeinN2Sso/aMROjfiUdl6Wn4PIwuXTSuH4SVcQlksnw8LskXaARLlDH2zbwzktJpIhIBg1sy12SwataADR64Go2n9Hy1HMn5pASVZtFWxBW2pQw55BhV7QxCp4cWk9khXbCchY3afmwlORdPZKvGXuRliS+hxk+vf/TXzTvz/KIo7IvDHAABuz3wQyweLeXHlww90Y2lrBQn9ZCjDP19SFF1wC0UMkFVX/oPoMPmkmni+hZNSo+8oj3ZME4AIubSM7TKwSMZF3zgiusGU6np root@ab8a1788-0541-11eb-9dc4-ba187aea6a9a\nkubetest2:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKCunZZi34boNOwg4HeqfoszJQS9UVojNFC10C1NJG1kdpp5bTX6OXjtkgw4N+dOgYfIFPGyTDGb1ILWI0Ok0xPFoyEPwi7bRYl3SBX7P7K6cPRqhXuBATJEPrx80/WQH2XWHi43OPcmnqpJHbzEkDO4hG05yYwbE1I70hQLATT/SiTQ9yvRg1n6OOPPvK6BmUYzKZwemRnNk+hSla0jyN8a9o5oNcpMfcUZw8MGPYuSWdjeY5DvXMHxNqg4jPkBe7ez3Y4Zo9lJ66Repb92CNrzkEJ28dnFFRFxE0HDTwoY5qO/XMtNFbMZX0ZNLxOnFj5uf/30tbl1qt02cs7qfR root@e9171581-0bf8-11eb-82af-de22b9665164\nkubetest2:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVcSEIeIV9wTFjoMMe7P5/KwLCoFXKB9Kcx1R4g4lnHNLEy6ApGqKd3IoZPi7DTyWKJ9VuHgWWtyXiR736iUgkOfvImfNElRh1cNc9u100yaY0JoIzDxE0HAxu4RMUXBSrnm4j2cawHoKsX/yL68yvcAoL36uCqUG+a7RI+j2mnWSV9MZ3Xw8nRVWmUA4BPzk5M0tJqOjACHyv6Jmq4AmX03iJkMDx+d0YK3Iv5w/EFSOAgy+AUZBRcbs5R5FHmGXyw38oE7BhbX3ZH7EAMrBaost7uc49baLe4NfPIBGMir+L1V9kbrKBxpmyYWZMUCKacPLr6omQGH2i2CndSVeJ root@b42f084a-2850-11eb-a35d-7a1d48297fba\nkubetest2:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVexUw3IlQi+aI3HCLpwamvbPNDOc/fQzQIm8Wb8cULwlgklOHYB0J1+tmRBkp6pBxk3kQYDiTb9J5TdD9ixZ1FpFdht422OaIQImnA/VJmY6kwLkc2XfEHnUTLwoJereJiT5VTStAFxv4t8NtCfLyq8OEVrsHa7+1XbwKJV8ouBkGT0NNuqeWzUYkOJS9KnKN30ZvOG2yImsmczwKGmZmxr+zA8vr5i93CleeEJFQ1dkmnRlzuIhqKtrQES5rYEIhQCrNvKJHBnXGxLk/Z7aZPA/pxma/Tt2uTTbLfjz4uhHKRF4tXBBzuGECq69HpdyDscisn6KSpmvNqygCUYiH root@cbeff39b-2f53-11eb-84c2-b68ef41a6728\nkubetest2:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCrc5be9JBic30Sw3kZU8v047C7yIgC/V0IRv5OjlgUNP+TC1D9jpMluWka5p2FiqLG52sAXqOlOd45FgwoNLaI6mZUXj4tC8LTKN+8xkSxGhHP67BewbKqUKUmLcxKPkjSPOVO+5YwBMdI+zzdjgi/z9fuweckHY/wnCjqG7QqvrW+7xYetf8aIEhK7bF08XZtOtGXsSfU/4FHKboBoRRBeihhdpn6AuP+rPCW4CI8BeRgvGvZlWcOu9Cf0IJEExr8cnXcCBUqMWIJDSKDTzgJv/RfovlNOF4upqcD/Y342gN+Jkf93aT6ElEsg3mRjLEGPX6FqKtLV0FDT/Ozq9sV root@ee5a9600-348f-11eb-84c2-b68ef41a6728\nkubetest2:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9DCJFIGiCtRqp0C8hj0R8ocVNC/0jgOlMAN3+DDDWWszxI8cGgkg8TRQ8XJy6/0y0nvEgFmhFqbm6n4ELrsMyvbnwkpC4VimGOtDDP+GFlftLiVnpqFarCpAOV4rG/5908e+thQQR1CX2FPXPci1IWxzqGC3jT/m3CwKV+/3bHeulF5Ssd+IgP6zPhwVwpXK0sARhhYLz9rhydIJlalY/QBy5N/DER5Zh/p25k/UdJaX2Q0G2XEu38cKhJGJRJzs13jnr+IIC/ZEqpAt2bQEFh/OvHUARSO/4wAz9xpOqcNR5HfKKbJfCQHGWL7+yDD2Hj8s5m+SRPk5zC8SniLR5 root@1542b757-4d0e-11eb-af93-4e5abfa0c065\nkubetest2:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDHfeGFST+2Mwvmnw+xz6InE2vck0LBPchjHYqaVB+Yf2k+h5ROtq4CCCfKVlsG+/e9FNT/5DX+kv4O4p2vW3e8FbdE2iOXh8sVSHzvbCm95lwmKwlTbkiMHOdo96KvfxjOfUI+EuwKnpSm38t6exnEycrlF0lDPIEU+bLgVjamVH4ays3erl/cJiesWQOxyhXLUuLDGlGpMoR1+r4xyXL+BwboFaGY6n3oGOQJA1D2xnTF3YSF4SE+eAGsOdGIDhjrLGQQ9U/q+gR/y20znJD8VVewchYM5KM7fHVZg+wfDPNhCjmVqWkrQOfiukSG7Ajbe1BymEfPYKneeSy6guq3 root@b309703e-5069-11eb-bf1b-5279f1a59a83\nkubetest2:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDdUQSUvv95PndR83gXcsjYsgL4HOEI2QbCiP9aH44tSted60/GtCqN9X88TBz/W2XuKUnGnKoWn8WbL6Diq6hM7YSE6agQ7GxAmJzy3s2kwCU7xGJRSmI/6kdyOj/32j2rp8riEzrJ1uTXpOJDt/Yy4M8rbeA2h0aQX97GcqPHdLz1YRmg/T0ClcxQ+LtYN9X1/8EyM4rnhmDIRpOm9f43TLmCTzs4SSqytloUd3csojbedTI8sKbEtEj4Z3bez/UPsE68RPbk8E2Mo5dXyI+NxWJ2fJIqSmHlQh2F39+UXgh5QnU17mKAls0FZYbS4z22u+Je48iEFeXwBIroS7mp root@3af7dc4e-5a17-11eb-88de-22d0764934dc\nkubetest2:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDIYGODzDrCmVADHqjyGQxOR1RnIOjHHpio5fiLQxDVfwY54L0H6xgqbXR4PV2HFjeKnGLIqQ8erfboLcCz7aD6aODhHKgmgqJ1PZbkBLw+miFRi5jbjvjzSorfuEMBre7UOZgM534ThZVqHZxl9el0OcpNpIX+dTf5hiDnQa/rhn4yVBo792VSsbxd3pp/t/Q3wNx1MIQ8+7YN3mxFXVqO7FSEWhhjdTtxxL9ScJOk6kHUZgbAePIEsyDH5hm6YRFnWnbgvMlDT9b6sOr81HsO8knDbLIAwnpjsafDI+rbzGGmko1yN0KUBZmOBFpCi465kXi5tL4Pmegw9lmaSGZz root@ccdb17ae-5cc1-11eb-9ec6-4e9464752f0a\nkubetest2:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3l05VsTLd+2AAjtMPnESiGKy0qIT5P5mG036fyPrMWZanBQSbE5GsFy1IPgkcz/EUZ9BL0OG1z6Jev58H+eHp+LNyyP83WM7HL7agP+7EmTF9dChPFJk6N/sDU70D2Xp71XfO1njJAelhOENRwgoTwwqUOcB3d5NGyQVjLLyTi5YNKuneQ4P9j9ILH2rnl39WFGUvqclODaBGtE5kYOrSkYF116IxKI2mGYKxNZqH4ULcDKEzrdHZw+OTtLC4VNoZYAFmr9HICd08YfYn3H62INLLG92jF8misEJhs1HUomyH5aTFMDNooq2BL3WSipvARcjikK1B3pGz4j1RdjvN root@673a8b25-6443-11eb-af4a-7eb1b39743c0\nkubetest2:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCehS4EO+XIzL7v6muhSew0Y9EwwDPyGku219GT24hnB/sMONFLhLWFoqQf67KeNPYzRzBECcVL1rTMkxD6LXjILMBgyxgU1GsfypCBCnSeSE2kwszH/Xs1z4aLJUyN+yiojFbK8J0ewsu756ycU+g9qbSzyqr/QXH2OnSBEnQ8S+5utrPgCl3nZiW+IQQM75wYAvgjakV5YAIiTWP31CyyfBKwRes9Cz+rfE1qolGQTZI6lDmNIy3O9xtETAV7qYCblByzyxqVfXTcZfMZ+DwLsP9w3qvr4K7QKi0+CJLDVe+aSehEUnxfK1iIBth5aOnHaJTsLXzp6vZbrIBcTtVL root@b2b5e76e-67d1-11eb-ab2f-eaa1dd33b81d"
       }
     ],
     "kind": "compute#metadata"
@@ -119,6 +119,10 @@
       "limit": 200,
       "metric": "SECURITY_POLICY_RULES"
     },
+    {
+      "limit": 1000,
+      "metric": "XPN_SERVICE_PROJECTS"
+    },
     {
       "limit": 150,
       "metric": "PACKET_MIRRORINGS"

audit/projects/k8s-infra-e2e-boskos-002/services/enabled.txt

@@ -1,6 +1,9 @@
 NAME                              TITLE
 compute.googleapis.com            Compute Engine API
+containerregistry.googleapis.com  Container Registry API
 logging.googleapis.com            Cloud Logging API
 monitoring.googleapis.com         Cloud Monitoring API
 oslogin.googleapis.com            Cloud OS Login API
+pubsub.googleapis.com             Cloud Pub/Sub API
+storage-api.googleapis.com        Google Cloud Storage JSON API
 storage-component.googleapis.com  Cloud Storage

audit/projects/k8s-infra-e2e-boskos-003/iam.json

@@ -12,6 +12,12 @@
       ],
       "role": "roles/compute.serviceAgent"
     },
+    {
+      "members": [
+        "serviceAccount:[email protected]"
+      ],
+      "role": "roles/containerregistry.ServiceAgent"
+    },
     {
       "members": [
         "serviceAccount:[email protected]",