Configuring infrastructure things like databases or pub/sub queues. Here, we have use-cases where we want to apply company-wide recommendations, like preventing exposure to the public internet or changing retention policies for storage solutions that support it. Transformations would be pretty simple like adding a lifecycle rule to a storage bucket (see link for example)
Configuring service or data pipeline deployments like adding or tweaking GC options or access credentials. For example, users that currently mount a credential file (e.g. imagine detecting a mounted file at /var/lib/credentials/foo.json) we might want to switch to using a managed RBAC identity instead (e.g. using the Pod spec.serviceAccountName setting in Kubernetes)
Automatically configuring resource budgets based on runtime information (e.g. resource.limits or resource.requests for Pods).
Configuring infrastructure things like databases or pub/sub queues. Here, we have use-cases where we want to apply company-wide recommendations, like preventing exposure to the public internet or changing retention policies for storage solutions that support it. Transformations would be pretty simple like adding a lifecycle rule to a storage bucket (see link for example)
Configuring service or data pipeline deployments like adding or tweaking GC options or access credentials. For example, users that currently mount a credential file (e.g. imagine detecting a mounted file at /var/lib/credentials/foo.json) we might want to switch to using a managed RBAC identity instead (e.g. using the Pod spec.serviceAccountName setting in Kubernetes)
Automatically configuring resource budgets based on runtime information (e.g. resource.limits or resource.requests for Pods).
https://github.com/GoogleCloudPlatform/k8s-config-connector/blob/master/samples/resources/storagebucket/storage_v1beta1_storagebucket.yaml#L26-L30