You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
An unintuitive permission is necessary for the GCP upgrade process:
compute.images.delete.
This is included in "Compute Instance Admin (v1)" - compute.instanceAdmin - which the Ops Manager docs list as required. This is likely the only required permission for the Ops Manager VM and image management parts of Platform Automation; others may be necessary depending on blob store selection.
Currently, the Platform Automation docs don't list necessary permission prerequisites on GCP at all. They should! Not sure exactly where, yet.
The Paving repo docs list permissions necessary for setup of environments, which includes instanceAdmin:
Those permissions are broader than what PA requires, but cover the additional permissions necessary to setup the envs Paving operates in, so may also be of interest.
The text was updated successfully, but these errors were encountered:
We have created an issue in Pivotal Tracker to manage this. Unfortunately, the Pivotal Tracker project is private so you may be unable to view the contents of the story.
The labels on this github issue will be updated when the story is started.
I think that's fine. Sorry I missed your earlier question about this! We did get feedback from customers, just that they had a problem and wouldn't have hit it if they'd known in advance what the permissions needed to be. Well. One customer. Anyway, this is fine, and having it relatively low priority was appropriate.
Describe the bug
An unintuitive permission is necessary for the GCP upgrade process:
compute.images.delete
.This is included in "Compute Instance Admin (v1)" -
compute.instanceAdmin
- which the Ops Manager docs list as required. This is likely the only required permission for the Ops Manager VM and image management parts of Platform Automation; others may be necessary depending on blob store selection.Currently, the Platform Automation docs don't list necessary permission prerequisites on GCP at all. They should! Not sure exactly where, yet.
The Paving repo docs list permissions necessary for setup of environments, which includes instanceAdmin:
https://github.com/pivotal/paving/tree/master/gcp
Those permissions are broader than what PA requires, but cover the additional permissions necessary to setup the envs Paving operates in, so may also be of interest.
The text was updated successfully, but these errors were encountered: