SAD¶
Overview¶
sa-warlock: Deploy workflow notification:
Service account: sa-warlock@$PROJECT_ID.iam.gserviceaccount.com
Alias: sa-warlock
| Permissions | Identifiers | Performtion |
|---|---|---|
roles/bigquery.dataEditor | Dataset: workflows_terminal | Insert a job, load data, create and run a job in the project. |
roles/bigquery.jobUser | Dataset: workflows_terminal | Insert a job, load data, create and run a job in the project. |
roles/run.developer | Cloud Run | Read and write access to all Cloud Run. |
roles/run.invoker | Cloud Run | Invoke a Cloud Run. |
roles/errorreporting.writer | Error Reporting | Send error events to Error Reporting. |
roles/logging.logWriter | Logging | Write log entries. |
roles/monitoring.metricWriter | Monitoring | Write metrics. |
roles/secretmanager.secretAccessor | Secret Manager | Allows accessing the payload of secrets. |
roles/serviceusage.serviceUsageConsumer | Service Usage | Inspect service states and operations. |
roles/serviceusage.serviceUsageViewer | Service Usage | Inspect service states and operations. |
roles/workflows.invoker | Workflows | Execute workflows and manage the executions using the API. |
roles/workflows.viewer | Workflows | Read-only access to workflows. |
sa-chen: Deploy notification task declare:
Service account: sa-chen@$PROJECT_ID.iam.gserviceaccount.com
Alias: sa-chen
| Permissions | Identifiers | Performtion |
|---|---|---|
roles/cloudtasks.enqueuer | Cloud Tasks | Access to create tasks. |
roles/iam.serviceAccountUser | Service Accounts | Run operations as the service account. |
roles/workflows.invoker | Workflows | Execute workflows and manage the executions using the API. |