Open sandyydk opened 2 years ago
I have the following yaml :
resources: - name: bind-iam-policy-secret-accessor type: gcp-types/cloudresourcemanager-v1:virtual.projects.iamMemberBinding properties: resource: myprojectA role: roles/secretmanager.secretAccessor member: "serviceAccount:sandeep@myproject.iam.gserviceaccount.com"
The above works out but the one below with a conditional access fails :
resources: - name: bind-iam-policy-secret-accessor type: gcp-types/cloudresourcemanager-v1:virtual.projects.iamMemberBinding properties: resource: myprojectA role: roles/secretmanager.secretAccessor member: "serviceAccount:sandeep@myproject.iam.gserviceaccount.com" condition: "resource.name.extract('/secrets/{name}').startsWith('sandeep-')"
Any idea how to specify a condition and its expression here? Thanks.
I have the following yaml :
The above works out but the one below with a conditional access fails :