Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix!: Cleanup of old instance backups. Change role roles/cloudsql.editor to roles/cloudsql.admin #618

Merged
merged 2 commits into from
Jul 16, 2024
Merged

fix!: Cleanup of old instance backups. Change role roles/cloudsql.editor to roles/cloudsql.admin #618

merged 2 commits into from
Jul 16, 2024

Conversation

tjespers
Copy link
Contributor

This commit reverts the change to using the cloudsql.editor role
for the backup service account from the cloudsql.admin role. This was
introduced in #597 but due to this the deletion of old backups on the
instance now receives a 403 error in the workflow. This is due to the
fact that the cloudsql.editor role lacks the cloudsql.backupRuns.delete
permission.

Closes: #617

@tjespers
fix: cleanup of old instance backups broken due to missing permission
d4f0e44 
This commit reverts the change to using the cloudsql.editor role
for the backup service account from the cloudsql.admin role. This was
introduced in terraform-google-modules#597 but due to this the deletion of old backups on the
instance now receives a 403 error in the workflow. This is due to the
fact that the cloudsql.editor role lacks the cloudsql.backupRuns.delete
permission.

Closes: terraform-google-modules#617
@tjespers tjespers requested review from isaurabhuttam, imrannayer and a team as code owners July 15, 2024 12:50
@imrannayer
Copy link
Collaborator

/gcbrun

@imrannayer imrannayer changed the title fix: cleanup of old instance backups broken due to missing permission fix!: cleanup of old instance backups broken due to missing permission Jul 15, 2024
@imrannayer imrannayer changed the title fix!: cleanup of old instance backups broken due to missing permission fix!: Cleanup of old instance backups. Change role roles/cloudsql.editor to roles/cloudsql.admin Jul 15, 2024
@imrannayer imrannayer self-assigned this Jul 16, 2024
@imrannayer
Copy link
Collaborator

/gcbrun

@imrannayer imrannayer merged commit 7310051 into terraform-google-modules:master Jul 16, 2024
4 checks passed
@release-please release-please bot mentioned this pull request Jul 16, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@imrannayer imrannayer imrannayer approved these changes

@isaurabhuttam isaurabhuttam Awaiting requested review from isaurabhuttam

Assignees

@imrannayer imrannayer

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

CloudSQL Editor role insufficient to delete backups
2 participants
@tjespers @imrannayer