Test satellite managed encryption passphrase on QA

[NiaStorj]

AC

• Give only the satellite API permission to view Google secrets (other satellite components, e.g. core, admin) should not be able to access Google secrets
  • new service account should have the following "role grants":
  • BigQuery Data Editor (to match the datascience service account eventkitd@storj-data-science-249814.iam.gserviceaccount.com currently linked to the satellite)
  • Secret Manager Secret Accessor (to support satellite managed encryption)
• Merge and deploy https://github.com/storj/infra/pull/6165 to QA

[mobyvb]

@andriikotko do you think we can mark this ticket as done?