Skip to content

Commit

Permalink
Merge pull request #1748 from cncf-ci/autoaudit-prow
Browse files Browse the repository at this point in the history
audit: update as of 2021-03-03
  • Loading branch information
k8s-ci-robot authored Mar 3, 2021
2 parents 986809c + f5795e3 commit 71591c3
Show file tree
Hide file tree
Showing 248 changed files with 1,917 additions and 433 deletions.
63 changes: 50 additions & 13 deletions audit/org_kubernetes.io/iam.json
Original file line number Diff line number Diff line change
Expand Up @@ -8,10 +8,23 @@
},
{
"members": [
"group:k8s-infra-gcp-auditors@kubernetes.io"
"user:davanum@gmail.com",
"user:thockin@google.com"
],
"role": "organizations/758905017065/roles/StorageBucketLister"
},
{
"members": [
"group:k8s-infra-gcp-auditors@kubernetes.io"
],
"role": "organizations/758905017065/roles/audit.viewer"
},
{
"members": [
"group:k8s-infra-gcp-org-admins@kubernetes.io"
],
"role": "organizations/758905017065/roles/organization.admin"
},
{
"members": [
"user:ihor@cncf.io",
Expand All @@ -27,37 +40,49 @@
},
{
"members": [
"group:k8s-infra-gcp-org-admins@kubernetes.io"
"user:davanum@gmail.com",
"user:thockin@google.com"
],
"role": "roles/billing.user"
},
{
"members": [
"group:gke-security-groups@kubernetes.io"
"group:k8s-infra-gcp-accounting@kubernetes.io"
],
"role": "roles/billing.viewer"
},
{
"members": [
"group:gke-security-groups@kubernetes.io",
"group:k8s-infra-prow-oncall@kubernetes.io"
],
"role": "roles/browser"
},
{
"members": [
"group:k8s-infra-gcp-auditors@kubernetes.io"
"user:davanum@gmail.com",
"user:thockin@google.com"
],
"role": "roles/compute.viewer"
},
{
"members": [
"group:k8s-infra-gcp-auditors@kubernetes.io"
"user:davanum@gmail.com",
"user:thockin@google.com"
],
"role": "roles/dns.reader"
},
{
"members": [
"group:k8s-infra-gcp-org-admins@kubernetes.io"
"user:davanum@gmail.com",
"user:thockin@google.com"
],
"role": "roles/iam.organizationRoleAdmin"
},
{
"members": [
"group:k8s-infra-gcp-auditors@kubernetes.io"
"user:davanum@gmail.com",
"user:thockin@google.com"
],
"role": "roles/iam.securityReviewer"
},
Expand All @@ -69,9 +94,10 @@
},
{
"members": [
"group:k8s-infra-gcp-org-admins@kubernetes.io",
"user:davanum@gmail.com",
"user:domain-admin-lf@kubernetes.io",
"user:ihor@cncf.io",
"user:psharma@linuxfoundation.org",
"user:spiffxp@google.com",
"user:thockin@google.com",
"user:twaggoner@linuxfoundation.org"
Expand All @@ -80,31 +106,42 @@
},
{
"members": [
"group:k8s-infra-gcp-auditors@kubernetes.io"
"user:davanum@gmail.com",
"user:thockin@google.com"
],
"role": "roles/resourcemanager.organizationViewer"
},
{
"members": [
"group:k8s-infra-gcp-org-admins@kubernetes.io"
"user:davanum@gmail.com",
"user:thockin@google.com"
],
"role": "roles/resourcemanager.projectCreator"
},
{
"members": [
"group:k8s-infra-gcp-org-admins@kubernetes.io"
"user:davanum@gmail.com",
"user:thockin@google.com"
],
"role": "roles/resourcemanager.projectDeleter"
},
{
"members": [
"group:k8s-infra-gcp-org-admins@kubernetes.io"
"group:k8s-infra-gcp-auditors@kubernetes.io"
],
"role": "roles/secretmanager.viewer"
},
{
"members": [
"user:davanum@gmail.com",
"user:thockin@google.com"
],
"role": "roles/servicemanagement.quotaAdmin"
},
{
"members": [
"group:k8s-infra-gcp-auditors@kubernetes.io"
"user:davanum@gmail.com",
"user:thockin@google.com"
],
"role": "roles/serviceusage.serviceUsageConsumer"
}
Expand Down
2 changes: 1 addition & 1 deletion audit/org_kubernetes.io/roles/CustomRole.json
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{
"description": "Can view billing info",
"description": "View access to billing info",
"includedPermissions": [
"billing.accounts.getSpendingInformation",
"billing.budgets.get",
Expand Down
9 changes: 0 additions & 9 deletions audit/org_kubernetes.io/roles/StorageBucketLister.json

This file was deleted.

Loading

0 comments on commit 71591c3

Please sign in to comment.