Reference

ClientIntents example (YAML)

apiVersion: k8s.otterize.com/v1alpha3
kind: ClientIntents
metadata:
  name: server
spec:
  service:
    # The name of the pod that will be granted access
    name: server
  calls:
      # The GCP resource name as defined in the linked documentation below
      # Wildcards can be used in the end of the resource name to match multiple and nested resources
    - name: projects/_/buckets/otterize-demo-bucket*
      type: gcp
      # one or more GCP Roles that will be provided to the specified resources
      gcpPermissions:
        - "storage.admin"
      # Multiple call definitions can be defined for a single service.
    - name: projects/_/buckets/otterize-read-only-bucket*
      type: gcp
      gcpPermissions:
        - "storage.objectViewer"

GCP documentation references

For GCP resource names, refer to the Resource Name Format documentation.
For GCP roles and permissions, refer to the Predefined roles and permissions documentation.

Annotations

Key	Description	Default
`credentials-operator.otterize.com/create-gcp-sa`	When set to true, the credential operator will create a unique GCP service account for the K8S ServiceAccount of the associated pod	`false`

Helm Chart options

Key	Description	Default
`global.gcp.enabled`	Enable or disable GCP integration	`false`

View the Helm chart reference for all other options

ClientIntents example (YAML)​

GCP documentation references​

Annotations​

Helm Chart options​

ClientIntents example (YAML)

GCP documentation references

Annotations

Helm Chart options