Closed dominikmueller closed 3 months ago
IAM conditions can only be used to restrict access to DatabaseInstances or BackupRuns. They can't be used to restrict access to Database resources.
The export workflow uses the googleapis.sqladmin.v1.databases.list call to gather all database names.
googleapis.sqladmin.v1.databases.list
This call fails with the error code 403: unauthorized when the IAM conditions are set.
The client is not authorized to make this request.
Supported Resource Type Values in IAM Conditions: docs
/gcbrun
imrannayer
commented
3 months ago imrannayer
commented
3 months ago
IAM conditions can only be used to restrict access to DatabaseInstances or BackupRuns. They can't be used to restrict access to Database resources.
The export workflow uses the
googleapis.sqladmin.v1.databases.listcall to gather all database names.This call fails with the error code 403: unauthorized when the IAM conditions are set.
Supported Resource Type Values in IAM Conditions: docs