
For details on compatible versions, refer to https://infozone.atlassian.net/wiki/x/owDKCg.


GCP Specific Tools

The following GCP-specific tool must be installed locally:

...

For details on compatible versions, refer to https://infozone.atlassian.net/wiki/x/owDKCg.

Minimum IAM User Policy

To follow the installation guide, ensure that the user performing the installation has been granted the minimum permissions needed to provision GCP resources.

Info

You do not need to set up the following if the user performing the installation has been granted the Editor role.

As a best practice, it is preferable to set up a minimum IAM role for the user performing the installation.

To manage GCP project access, refer to the GCP documentation for guidance: https://cloud.google.com/iam/docs/granting-changing-revoking-access.

The following table lists the permissions required by each application.

Application

IAM Role Permission

Terraform

title: UEPE Terraform Role
description: Minimum permissions that required by terraform
stage: GA
includedPermissions:

- cloudsql.instances.create
- cloudsql.instances.delete
- cloudsql.instances.get
- cloudsql.instances.update
- cloudsql.users.list
- compute.globalAddresses.createInternal
- compute.globalAddresses.deleteInternal
- compute.globalAddresses.get
- compute.instanceGroupManagers.get
- compute.networks.create
- compute.networks.delete
- compute.networks.get
- compute.networks.removePeering
- compute.networks.updatePolicy
- compute.networks.use
- compute.routers.create
- compute.routers.delete
- compute.routers.get
- compute.routers.update
- compute.subnetworks.create
- compute.subnetworks.delete
- compute.subnetworks.get
- container.clusters.create
- container.clusters.delete
- container.clusters.get
- container.clusters.update
- container.operations.get
- dns.changes.create
- dns.changes.get
- dns.changes.list
- dns.managedZones.create
- dns.managedZones.delete
- dns.managedZones.get
- dns.managedZones.getIamPolicy
- dns.managedZones.list
- dns.managedZones.update
- dns.resourceRecordSets.create
- dns.resourceRecordSets.delete
- dns.resourceRecordSets.get
- dns.resourceRecordSets.list
- dns.resourceRecordSets.update
- file.instances.create
- file.instances.delete
- file.instances.get
- file.instances.update
- file.operations.get
- iam.roles.get
- iam.serviceAccounts.create
- iam.serviceAccounts.delete
- iam.serviceAccounts.get
- iam.serviceAccounts.getIamPolicy
- iam.serviceAccounts.setIamPolicy
- resourcemanager.projects.get
- resourcemanager.projects.getIamPolicy
- resourcemanager.projects.setIamPolicy
- servicenetworking.services.addPeering
- servicenetworking.services.get

Kubectl

Grant the role roles/container.admin to get access to the cluster via kubectl.
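
As an added check (not part of the original page or the product's tooling), the following Python script parses a role definition in the layout shown above and groups the permissions worth reviewing before the role is granted: entries that change IAM policy, entries that delete resources, and malformed or duplicated entries. `ROLE_YAML` is a constructed excerpt of the role above, and the function names are hypothetical.

```python
import re

# Constructed excerpt of the role definition above (a subset of its permissions),
# keeping the blank line after "includedPermissions:" that the page shows.
ROLE_YAML = """\
title: UEPE Terraform Role
stage: GA
includedPermissions:

- compute.networks.create
- container.clusters.create
- container.clusters.delete
- iam.serviceAccounts.create
- iam.serviceAccounts.setIamPolicy
- resourcemanager.projects.getIamPolicy
- resourcemanager.projects.setIamPolicy
"""

# service.resource.verb, the three-part form every entry on this page uses.
PERMISSION_RE = re.compile(r"^[a-z][a-z0-9]*\.[A-Za-z]+\.[A-Za-z]+$")


def parse_permissions(text):
    """Return the entries listed under includedPermissions (flat block list only)."""
    perms, in_list = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("includedPermissions:"):
            in_list = True
        elif in_list and line.startswith("- "):
            perms.append(line[2:].strip())
        elif in_list and line and not line.startswith("#"):
            in_list = False  # a new key ends the list
    return perms


def audit(perms):
    """Group permissions that deserve review before the role is granted."""
    return {
        "malformed": [p for p in perms if not PERMISSION_RE.match(p)],
        "duplicates": sorted({p for p in perms if perms.count(p) > 1}),
        # setIamPolicy lets the holder rewrite IAM bindings on that resource.
        "policy_write": [p for p in perms if p.endswith(".setIamPolicy")],
        # Matches delete and variants such as deleteInternal.
        "destructive": [p for p in perms if p.rsplit(".", 1)[-1].startswith("delete")],
    }


if __name__ == "__main__":
    for category, items in audit(parse_permissions(ROLE_YAML)).items():
        print(f"{category}: {', '.join(items) or 'none'}")
```

On the full list above, the two `setIamPolicy` entries are the ones to scope most carefully, since a holder of `resourcemanager.projects.setIamPolicy` can change role bindings on the project.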