402 lines
18 KiB
YAML
402 lines
18 KiB
YAML
# Copyright 2023 Google LLC
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
- name: "accessapproval"
|
|
service_agent: "service-p%s@gcp-sa-accessapproval.iam.gserviceaccount.com"
|
|
- name: "adsdatahub"
|
|
service_agent: "service-%s@gcp-sa-adsdatahub.iam.gserviceaccount.com"
|
|
- name: "aiplatform"
|
|
service_agent: "service-%s@gcp-sa-aiplatform.iam.gserviceaccount.com"
|
|
jit: true # roles/aiplatform.customCodeServiceAgent
|
|
- name: "aiplatform-cc"
|
|
service_agent: "service-%s@gcp-sa-aiplatform-cc.iam.gserviceaccount.com"
|
|
- name: "alloydb"
|
|
service_agent: "service-%s@gcp-sa-alloydb.iam.gserviceaccount.com"
|
|
- name: "anthos"
|
|
service_agent: "service-%s@gcp-sa-anthos.iam.gserviceaccount.com"
|
|
- name: "anthosaudit"
|
|
service_agent: "service-%s@gcp-sa-anthosaudit.iam.gserviceaccount.com"
|
|
- name: "anthosconfigmanagement"
|
|
service_agent: "service-%s@gcp-sa-anthosconfigmanagement.iam.gserviceaccount.com"
|
|
- name: "anthosidentityservice"
|
|
service_agent: "service-%s@gcp-sa-anthosidentityservice.iam.gserviceaccount.com"
|
|
- name: "apigateway"
|
|
service_agent: "service-%s@gcp-sa-apigateway.iam.gserviceaccount.com"
|
|
- name: "apigateway-mgmt"
|
|
service_agent: "service-%s@gcp-sa-apigateway-mgmt.iam.gserviceaccount.com"
|
|
- name: "apigee"
|
|
service_agent: "service-%s@gcp-sa-apigee.iam.gserviceaccount.com"
|
|
jit: true # roles/apigee.serviceAgent
|
|
- name: "apigeeregistry"
|
|
service_agent: "service-%s@gcp-sa-apigeeregistry.iam.gserviceaccount.com"
|
|
- name: "appdevelopmentexperience"
|
|
service_agent: "service-%s@gcp-sa-appdevexperience.iam.gserviceaccount.com"
|
|
- name: "appengineflex"
|
|
alias: "gae-flex"
|
|
service_agent: "service-%s@gae-api-prod.google.com.iam.gserviceaccount.com"
|
|
- name: "appenginestandard"
|
|
service_agent: "service-%s@gcp-gae-service.iam.gserviceaccount.com"
|
|
- name: "artifactregistry"
|
|
service_agent: "service-%s@gcp-sa-artifactregistry.iam.gserviceaccount.com"
|
|
jit: true # roles/artifactregistry.serviceAgent
|
|
- name: "assuredworkloads"
|
|
service_agent: "service-%s@gcp-sa-assuredworkloads.iam.gserviceaccount.com"
|
|
- name: "automl"
|
|
service_agent: "service-%s@gcp-sa-automl.iam.gserviceaccount.com"
|
|
- name: "backupdr"
|
|
service_agent: "service-%s@gcp-sa-backupdr.iam.gserviceaccount.com"
|
|
- name: "backupdr-run"
|
|
service_agent: "service-%s@gcp-sa-backupdr-run.iam.gserviceaccount.com"
|
|
- name: "baremetalsolution"
|
|
service_agent: "service-%s@gcp-sa-bms.iam.gserviceaccount.com"
|
|
- name: "batch"
|
|
service_agent: "service-%s@gcp-sa-cloudbatch.iam.gserviceaccount.com"
|
|
- name: "bigquery"
|
|
alias: "bq"
|
|
service_agent: "bq-%s@bigquery-encryption.iam.gserviceaccount.com"
|
|
- name: "bigquery-omni"
|
|
service_agent: "service-%s@gcp-sa-prod-bigqueryomni.iam.gserviceaccount.com"
|
|
- name: "bigquery-ri"
|
|
service_agent: "service-%s@gcp-sa-bigqueryri.iam.gserviceaccount.com"
|
|
- name: "bigquerydatatransfer"
|
|
service_agent: "service-%s@gcp-sa-bigquerydatatransfer.iam.gserviceaccount.com"
|
|
- name: "bigtableadmin"
|
|
service_agent: "service-%s@gcp-sa-bigtable.iam.gserviceaccount.com"
|
|
jit: true
|
|
- name: "binaryauthorization"
|
|
service_agent: "service-%s@gcp-sa-binaryauthorization.iam.gserviceaccount.com"
|
|
- name: "certificatemanager"
|
|
service_agent: "service-%s@gcp-sa-certificatemanager.iam.gserviceaccount.com"
|
|
- name: "chronicle"
|
|
service_agent: "service-%s@gcp-sa-chronicle.iam.gserviceaccount.com"
|
|
- name: "cloudasset"
|
|
service_agent: "service-%s@gcp-sa-cloudasset.iam.gserviceaccount.com"
|
|
jit: true # roles/cloudasset.serviceAgent
|
|
- name: "cloudbuild"
|
|
service_agent: "service-%s@gcp-sa-cloudbuild.iam.gserviceaccount.com"
|
|
jit: true # roles/cloudbuild.builds.builder
|
|
- name: "cloudbuild-builder"
|
|
service_agent: "%s@cloudbuild.gserviceaccount.com.iam.gserviceaccount.com"
|
|
- name: "cloudbuild-logging"
|
|
service_agent: "service-%s@gcp-sa-log-cloudbuild.iam.gserviceaccount.com"
|
|
- name: "clouddeploy"
|
|
service_agent: "service-%s@gcp-sa-clouddeploy.iam.gserviceaccount.com"
|
|
- name: "cloudfunctions"
|
|
alias: "gcf"
|
|
service_agent: "service-%s@gcf-admin-robot.iam.gserviceaccount.com"
|
|
- name: "cloudiot"
|
|
service_agent: "service-%s@gcp-sa-cloudiot.iam.gserviceaccount.com"
|
|
- name: "cloudkms"
|
|
service_agent: "service-%s@gcp-sa-cloudkms.iam.gserviceaccount.com"
|
|
- name: "cloudkms-ekms"
|
|
service_agent: "service-%s@gcp-sa-ekms.iam.gserviceaccount.com"
|
|
- name: "cloudoptimization"
|
|
service_agent: "service-%s@gcp-sa-cloudoptim.iam.gserviceaccount.com"
|
|
- name: "cloudscheduler"
|
|
service_agent: "service-%s@gcp-sa-cloudscheduler.iam.gserviceaccount.com"
|
|
- name: "cloudtasks"
|
|
service_agent: "service-%s@gcp-sa-cloudtasks.iam.gserviceaccount.com"
|
|
- name: "cloudtrace"
|
|
service_agent: "service-%s@gcp-sa-cloud-trace.iam.gserviceaccount.com"
|
|
- name: "composer"
|
|
service_agent: "service-%s@cloudcomposer-accounts.iam.gserviceaccount.com"
|
|
- name: "compute"
|
|
service_agent: "service-%s@compute-system.iam.gserviceaccount.com"
|
|
- name: "compute-usage"
|
|
service_agent: "service-%s@gcp-sa-compute-usage.iam.gserviceaccount.com"
|
|
- name: "config"
|
|
service_agent: "service-%s@gcp-sa-config.iam.gserviceaccount.com"
|
|
- name: "connectgateway"
|
|
service_agent: "service-%s@gcp-sa-anthossupport.iam.gserviceaccount.com"
|
|
- name: "connectors"
|
|
service_agent: "service-%s@gcp-sa-connectors.iam.gserviceaccount.com"
|
|
- name: "contactcenteraiplatform"
|
|
service_agent: "service-%s@gcp-sa-ccaip.iam.gserviceaccount.com"
|
|
- name: "contactcenterinsights"
|
|
service_agent: "service-%s@gcp-sa-contactcenterinsights.iam.gserviceaccount.com"
|
|
- name: "container"
|
|
alias: "container-engine"
|
|
service_agent: "service-%s@container-engine-robot.iam.gserviceaccount.com"
|
|
- name: "container-gkenode"
|
|
service_agent: "service-%s@gcp-sa-gkenode.iam.gserviceaccount.com"
|
|
- name: "containeranalysis"
|
|
service_agent: "service-%s@container-analysis.iam.gserviceaccount.com"
|
|
- name: "containerregistry"
|
|
service_agent: "service-%s@containerregistry.iam.gserviceaccount.com"
|
|
- name: "containerscanning"
|
|
service_agent: "service-%s@gcp-sa-containerscanning.iam.gserviceaccount.com"
|
|
- name: "containerthreatdetection"
|
|
service_agent: "service-%s@gcp-sa-ktd-control.iam.gserviceaccount.com"
|
|
- name: "contentwarehouse"
|
|
service_agent: "service-%s@gcp-sa-cloud-cw.iam.gserviceaccount.com"
|
|
- name: "dataconnectors"
|
|
service_agent: "service-%s@gcp-sa-dataconnectors.iam.gserviceaccount.com"
|
|
- name: "dataflow"
|
|
service_agent: "service-%s@dataflow-service-producer-prod.iam.gserviceaccount.com"
|
|
- name: "dataform"
|
|
service_agent: "service-%s@gcp-sa-dataform.iam.gserviceaccount.com"
|
|
jit: true # roles/dataform.serviceAgent
|
|
- name: "datafusion"
|
|
service_agent: "service-%s@gcp-sa-datafusion.iam.gserviceaccount.com"
|
|
- name: "datalabeling"
|
|
service_agent: "service-%s@gcp-sa-datalabeling.iam.gserviceaccount.com"
|
|
- name: "datamigration"
|
|
service_agent: "service-%s@gcp-sa-datamigration.iam.gserviceaccount.com"
|
|
- name: "datapipelines"
|
|
service_agent: "service-%s@gcp-sa-datapipelines.iam.gserviceaccount.com"
|
|
- name: "dataplex"
|
|
service_agent: "service-%s@gcp-sa-dataplex.iam.gserviceaccount.com"
|
|
jit: true # roles/dataplex.serviceAgent
|
|
- name: "dataproc"
|
|
service_agent: "service-%s@dataproc-accounts.iam.gserviceaccount.com"
|
|
- name: "datastream"
|
|
service_agent: "service-%s@gcp-sa-datastream.iam.gserviceaccount.com"
|
|
- name: "datastudio"
|
|
service_agent: "service-%s@gcp-sa-datastudio.iam.gserviceaccount.com"
|
|
- name: "dialogflow"
|
|
service_agent: "service-%s@gcp-sa-dialogflow.iam.gserviceaccount.com"
|
|
- name: "discoveryengine"
|
|
service_agent: "service-%s@gcp-sa-discoveryengine.iam.gserviceaccount.com"
|
|
# dlp ="organizations-ORGANIZATION_NUMBER@gcp-sa-riskmanager"
|
|
- name: "dlp"
|
|
service_agent: "service-%s@dlp-api.iam.gserviceaccount.com"
|
|
jit: true
|
|
- name: "documentai"
|
|
service_agent: "service-%s@gcp-sa-prod-dai-core.iam.gserviceaccount.com"
|
|
- name: "edgecontainer"
|
|
service_agent: "service-%s@gcp-sa-edgecontainer.iam.gserviceaccount.com"
|
|
- name: "edgecontainer-cluster"
|
|
service_agent: "service-%s@gcp-sa-edgecontainercluster.iam.gserviceaccount.com"
|
|
- name: "endpoints"
|
|
service_agent: "service-%s@gcp-sa-endpoints.iam.gserviceaccount.com"
|
|
- name: "endpointsportal"
|
|
service_agent: "service-%s@endpoints-portal.iam.gserviceaccount.com"
|
|
- name: "enterpriseknowledgegraph"
|
|
service_agent: "service-%s@gcp-sa-cloud-ekg.iam.gserviceaccount.com"
|
|
- name: "eventarc"
|
|
service_agent: "service-%s@gcp-sa-eventarc.iam.gserviceaccount.com"
|
|
- name: "file"
|
|
service_agent: "service-%s@cloud-filer.iam.gserviceaccount.com"
|
|
- name: "firebase"
|
|
service_agent: "service-%s@gcp-sa-firebase.iam.gserviceaccount.com"
|
|
- name: "firebaseappcheck"
|
|
service_agent: "service-%s@gcp-sa-firebaseappcheck.iam.gserviceaccount.com"
|
|
- name: "firebasedatabase"
|
|
service_agent: "service-%s@gcp-sa-firebasedatabase.iam.gserviceaccount.com"
|
|
- name: "firebaseextensions"
|
|
service_agent: "service-%s@gcp-sa-firebasemods.iam.gserviceaccount.com"
|
|
- name: "firebaserules"
|
|
service_agent: "service-%s@firebase-rules.iam.gserviceaccount.com"
|
|
- name: "firebasestorage"
|
|
service_agent: "service-%s@gcp-sa-firebasestorage.iam.gserviceaccount.com"
|
|
- name: "firestore"
|
|
service_agent: "service-%s@gcp-sa-firestore.iam.gserviceaccount.com"
|
|
- name: "firewallinsights"
|
|
service_agent: "service-%s@gcp-sa-firewallinsights.iam.gserviceaccount.com"
|
|
- name: "gameservices"
|
|
service_agent: "service-%s@gcp-sa-gameservices.iam.gserviceaccount.com"
|
|
- name: "genomics"
|
|
service_agent: "service-%s@genomics-api.google.com.iam.gserviceaccount.com"
|
|
- name: "gkebackup"
|
|
service_agent: "service-%s@gcp-sa-gkebackup.iam.gserviceaccount.com"
|
|
- name: "gkehub"
|
|
alias: "fleet"
|
|
service_agent: "service-%s@gcp-sa-gkehub.iam.gserviceaccount.com"
|
|
jit: true # roles/gkehub.serviceAgent
|
|
- name: "gkemulticloud"
|
|
service_agent: "service-%s@gcp-sa-gkemulticloud.iam.gserviceaccount.com"
|
|
- name: "gkeonprem"
|
|
service_agent: "service-%s@gcp-sa-gkeonprem.iam.gserviceaccount.com"
|
|
- name: "gsuiteaddons"
|
|
service_agent: "service-%s@gcp-sa-gsuiteaddons.iam.gserviceaccount.com"
|
|
- name: "healthcare"
|
|
service_agent: "service-%s@gcp-sa-healthcare.iam.gserviceaccount.com"
|
|
- name: "iap"
|
|
service_agent: "service-%s@gcp-sa-iap.iam.gserviceaccount.com"
|
|
jit: true # none
|
|
- name: "identitytoolkit"
|
|
service_agent: "service-%s@gcp-sa-identitytoolkit.iam.gserviceaccount.com"
|
|
- name: "ids"
|
|
service_agent: "service-%s@gcp-sa-cloud-ids.iam.gserviceaccount.com"
|
|
- name: "integrations"
|
|
service_agent: "service-%s@gcp-sa-integrations.iam.gserviceaccount.com"
|
|
- name: "krmapihosting"
|
|
service_agent: "service-%s@gcp-sa-krmapihosting.iam.gserviceaccount.com"
|
|
- name: "krmapihosting-dataplane"
|
|
service_agent: "service-%s@gcp-sa-krmapihosting-dataplane.iam.gserviceaccount.com"
|
|
- name: "lifesciences"
|
|
service_agent: "service-%s@gcp-sa-lifesciences.iam.gserviceaccount.com"
|
|
- name: "livestream"
|
|
service_agent: "service-%s@gcp-sa-livestream.iam.gserviceaccount.com"
|
|
- name: "logging"
|
|
service_agent: "service-%s@gcp-sa-logging.iam.gserviceaccount.com"
|
|
- name: "managedidentities"
|
|
service_agent: "service-%s@gcp-sa-mi.iam.gserviceaccount.com"
|
|
- name: "memcache"
|
|
service_agent: "service-%s@cloud-memcache-sa.iam.gserviceaccount.com"
|
|
- name: "meshconfig"
|
|
service_agent: "service-%s@gcp-sa-meshconfig.iam.gserviceaccount.com"
|
|
jit: true # roles/anthosservicemesh.serviceAgent
|
|
- name: "meshconfig-servicemesh"
|
|
alias: "servicemesh"
|
|
service_agent: "service-%s@gcp-sa-servicemesh.iam.gserviceaccount.com"
|
|
- name: "meshconfig-controlplane"
|
|
service_agent: "service-%s@gcp-sa-meshcontrolplane.iam.gserviceaccount.com"
|
|
- name: "meshconfig-dataplane"
|
|
service_agent: "service-%s@gcp-sa-meshdataplane.iam.gserviceaccount.com"
|
|
- name: "metastore"
|
|
service_agent: "service-%s@gcp-sa-metastore.iam.gserviceaccount.com"
|
|
- name: "migrationcenter"
|
|
service_agent: "service-%s@gcp-sa-migcenter.iam.gserviceaccount.com"
|
|
- name: "ml"
|
|
service_agent: "service-%s@cloud-ml.google.com.iam.gserviceaccount.com"
|
|
- name: "monitoring-deprecated"
|
|
service_agent: "service-%s@gcp-sa-monitoring.iam.gserviceaccount.com"
|
|
- name: "monitoring"
|
|
alias: "monitoring-notifications"
|
|
service_agent: "service-%s@gcp-sa-monitoring-notification.iam.gserviceaccount.com"
|
|
- name: "multiclusteringress"
|
|
alias: "multicluster-ingress"
|
|
service_agent: "service-%s@gcp-sa-multiclusteringress.iam.gserviceaccount.com"
|
|
jit: true # roles/multiclusteringress.serviceAgent
|
|
- name: "multiclustermetering"
|
|
service_agent: "service-%s@gcp-sa-mcmetering.iam.gserviceaccount.com"
|
|
- name: "multiclusterservicediscovery"
|
|
alias: "gke-mcs"
|
|
service_agent: "service-%s@gcp-sa-mcsd.iam.gserviceaccount.com"
|
|
- name: "networkconnectivity"
|
|
service_agent: "service-%s@gcp-sa-networkconnectivity.iam.gserviceaccount.com"
|
|
- name: "networkmanagement"
|
|
service_agent: "service-%s@gcp-sa-networkmanagement.iam.gserviceaccount.com"
|
|
- name: "networksecurity"
|
|
service_agent: "service-%s@gcp-sa-networksecurity.iam.gserviceaccount.com"
|
|
jit: true
|
|
- name: "networkservices"
|
|
service_agent: "service-%s@gcp-sa-networkactions.iam.gserviceaccount.com"
|
|
- name: "notebooks"
|
|
service_agent: "service-%s@gcp-sa-notebooks.iam.gserviceaccount.com"
|
|
jit: true
|
|
- name: "ondemandscanning"
|
|
service_agent: "service-%s@gcp-sa-ondemandscanning.iam.gserviceaccount.com"
|
|
- name: "osconfig"
|
|
service_agent: "service-%s@gcp-sa-osconfig.iam.gserviceaccount.com"
|
|
- name: "privateca"
|
|
service_agent: "service-%s@gcp-sa-privateca.iam.gserviceaccount.com"
|
|
- name: "pubsub"
|
|
service_agent: "service-%s@gcp-sa-pubsub.iam.gserviceaccount.com"
|
|
jit: true # roles/pubsub.serviceAgent
|
|
- name: "pubsublite"
|
|
service_agent: "service-%s@gcp-sa-pubsublite.iam.gserviceaccount.com"
|
|
- name: "rapidmigrationassessment"
|
|
service_agent: "service-%s@gcp-sa-rma.iam.gserviceaccount.com"
|
|
- name: "recommendationengine"
|
|
service_agent: "service-%s@gcp-sa-recommendationengine.iam.gserviceaccount.com"
|
|
- name: "redis"
|
|
service_agent: "service-%s@cloud-redis.iam.gserviceaccount.com"
|
|
#remotebuildexecution ="service-%s@gcp-sa-rbe"
|
|
#remotebuildexecution ="service-%s@remotebuildexecution"
|
|
- name: "retail"
|
|
service_agent: "service-%s@gcp-sa-retail.iam.gserviceaccount.com"
|
|
- name: "run"
|
|
alias: "cloudrun"
|
|
service_agent: "service-%s@serverless-robot-prod.iam.gserviceaccount.com"
|
|
- name: "runapps"
|
|
service_agent: "service-%s@gcp-sa-runapps.iam.gserviceaccount.com"
|
|
- name: "sasportal"
|
|
service_agent: "service-%s@gcp-sa-spectrumsas.iam.gserviceaccount.com"
|
|
- name: "secretmanager"
|
|
service_agent: "service-%s@gcp-sa-secretmanager.iam.gserviceaccount.com"
|
|
jit: true # none
|
|
- name: "securedlandingzone"
|
|
service_agent: "service-%s@gcp-sa-slz.iam.gserviceaccount.com"
|
|
- name: "securitycenter-notification"
|
|
service_agent: "service-%s@gcp-sa-scc-notification.iam.gserviceaccount.com"
|
|
- name: "securitycenter-vmtd"
|
|
service_agent: "service-%s@gcp-sa-scc-vmtd.iam.gserviceaccount.com"
|
|
# securitycenter ="service-org-ORGANIZATION_NUMBER@security-center-api"
|
|
- name: "serviceconsumermanagement"
|
|
service_agent: "service-%s@service-consumer-management.iam.gserviceaccount.com"
|
|
- name: "servicedirectory"
|
|
service_agent: "service-%s@gcp-sa-servicedirectory.iam.gserviceaccount.com"
|
|
- name: "servicenetworking"
|
|
service_agent: "service-%s@service-networking.iam.gserviceaccount.com"
|
|
- name: "sourcerepo"
|
|
service_agent: "service-%s@sourcerepo-service-accounts.iam.gserviceaccount.com"
|
|
- name: "spanner"
|
|
service_agent: "service-%s@gcp-sa-spanner.iam.gserviceaccount.com"
|
|
- name: "speech"
|
|
service_agent: "service-%s@gcp-sa-speech.iam.gserviceaccount.com"
|
|
- name: "sqladmin"
|
|
alias: "sql"
|
|
service_agent: "service-%s@gcp-sa-cloud-sql.iam.gserviceaccount.com"
|
|
jit: true # roles/cloudsql.serviceAgent
|
|
- name: "storage"
|
|
service_agent: "service-%s@gs-project-accounts.iam.gserviceaccount.com"
|
|
- name: "storagetransfer"
|
|
service_agent: "project-%s@storage-transfer-service.iam.gserviceaccount.com"
|
|
- name: "stream"
|
|
service_agent: "service-%s@gcp-sa-stream.iam.gserviceaccount.com"
|
|
- name: "tpu"
|
|
service_agent: "service-%s@cloud-tpu.iam.gserviceaccount.com"
|
|
- name: "tpu-v2"
|
|
service_agent: "service-%s@gcp-sa-tpu.iam.gserviceaccount.com"
|
|
- name: "transcoder"
|
|
service_agent: "service-%s@gcp-sa-transcoder.iam.gserviceaccount.com"
|
|
- name: "transferappliance"
|
|
service_agent: "service-%s@gcp-sa-transferappliance.iam.gserviceaccount.com"
|
|
- name: "translate"
|
|
service_agent: "service-%s@gcp-sa-translation.iam.gserviceaccount.com"
|
|
- name: "visionai"
|
|
service_agent: "service-%s@gcp-sa-visionai.iam.gserviceaccount.com"
|
|
- name: "vmmigration"
|
|
service_agent: "service-%s@gcp-sa-vmmigration.iam.gserviceaccount.com"
|
|
- name: "vmwareengine"
|
|
service_agent: "service-%s@gcp-sa-vmwareengine.iam.gserviceaccount.com"
|
|
- name: "vpcaccess"
|
|
service_agent: "service-%s@gcp-sa-vpcaccess.iam.gserviceaccount.com"
|
|
- name: "websecurityscanner"
|
|
service_agent: "service-%s@gcp-sa-websecurityscanner.iam.gserviceaccount.com"
|
|
- name: "workflows"
|
|
service_agent: "service-%s@gcp-sa-workflows.iam.gserviceaccount.com"
|
|
- name: "workloadcertificate"
|
|
service_agent: "service-%s@gcp-sa-workloadcert.iam.gserviceaccount.com"
|
|
- name: "workloadmanager"
|
|
service_agent: "service-%s@gcp-sa-workloadmanager.iam.gserviceaccount.com"
|
|
- name: "workstations"
|
|
service_agent: "service-%s@gcp-sa-workstations.iam.gserviceaccount.com"
|
|
|
|
# "accessapproval.googleapis.com.
|
|
# For the project: service-p%s@gcp-sa-accessapproval
|
|
# For the folder: service-fFOLDER_NUMBER@gcp-sa-accessapproval
|
|
# For the organization: service-oORGANIZATION_NUMBER@gcp-sa-accessapproval"
|
|
|
|
# "bigqueryconnection.googleapis.com.
|
|
# bqcx-PROJECT_NUMBER-IDENTIFIER@gcp-sa-bigquery-condel
|
|
# connection-PROJECT_NUMBER-IDENTIFIER@gcp-sa-bigquery-condel"
|
|
|
|
# sqladmin.googleapis.com.
|
|
# For the project:pPROJECT_NUMBER-IDENTIFIER@gcp-sa-cloud-sql
|
|
# For the folder:fFOLDER_NUMBER-IDENTIFIER@gcp-sa-cloud-sql
|
|
# For the organization:oORGANIZATION_NUMBER-IDENTIFIER@gcp-sa-cloud-sql
|
|
|
|
# logging.googleapis.com.
|
|
# For the project:pPROJECT_NUMBER-IDENTIFIER@gcp-sa-logging
|
|
# For the folder:fFOLDER_NUMBER-IDENTIFIER@gcp-sa-logging
|
|
# For the organization:oORGANIZATION_NUMBER-IDENTIFIER@gcp-sa-logging
|
|
|
|
# integrations.googleapis.com.
|
|
# For the project:pPROJECT_NUMBER-IDENTIFIER@gcp-sa-playbooks
|
|
# For the folder:fFOLDER_NUMBER-IDENTIFIER@gcp-sa-playbooks
|
|
# For the organization:oORGANIZATION_NUMBER-IDENTIFIER@gcp-sa-playbooks
|