search

terraform-ibm-modules / terraform-ibm-scc-da

A deployable architecture solution to deploy IBM Security and Compliance related resources
Apache License 2.0
0 stars 2 forks source link

IAM permissions are incorrect for SCC WP agent DA #115

Closed ocofaigh closed 5 months ago

ocofaigh commented 5 months ago

The tile shows this: image image

However this is not correct - you would need Kubernetes editor role to deploy the agents to a kube cluster. AKA:

"iam_permissions": [
            {
              "service_name": "containers-kubernetes",
              "role_crns": [
                "crn:v1:bluemix:public:iam::::serviceRole:Manager",
                "crn:v1:bluemix:public:iam::::role:Viewer"
              ]
            }
          ],
akocbek commented 5 months ago

https://github.com/terraform-ibm-modules/terraform-ibm-scc-da/pull/117