gke-disk-image-builder: Configurable service account
nstogner opened this issue · 0 comments
nstogner commented
Customer need: need to be able to use a preexisting GCP Service Account when running the image builder instance.
For example, what I did:
Instance: compute.Instance{
Name: fmt.Sprintf("%s-instance", name),
MachineType: fmt.Sprintf("zones/%s/machineTypes/%s", req.Zone, req.MachineType
),
+ ServiceAccounts: []*compute.ServiceAccount{
+ &compute.ServiceAccount{
+ Email: req.ServiceAccount,
+ Scopes: []string{
+ "https://www.googleapis.com/auth/devstorage.read_only"
,
+ "https://www.googleapis.com/auth/logging.write",
+ "https://www.googleapis.com/auth/monitoring.write",
+ "https://www.googleapis.com/auth/pubsub",
+ "https://www.googleapis.com/auth/service.management.re
adonly",
+ "https://www.googleapis.com/auth/servicecontrol",
+ "https://www.googleapis.com/auth/trace.append",
+ },
+ },
+ },