Eric Ma
04/07/2023, 5:57 AMserviceAccountName
in the YAML creation, it is defaulting to a generic read-only Compute Engine service account.
Do you have any solution on how I can set the default serviceAccountName to use the same service account that is provided in GCP Credential Block?
Thank you in advance for any help here
https://cloud.google.com/run/docs/securing/service-identity#gcloud
By default, Cloud Run revisions and jobs execute as the Compute Engine default service account. The Compute Engine default service account has the Project Editor IAM role which grants read and write permissions on all resources in your Google Cloud project.
client_email
key of the credential dict)
service_account_info = {
"type": "service_account",
"project_id": "project_id",
"private_key_id": "private_key_id",
"private_key": "private_key",
"client_email": "client_email",
"client_id": "client_id",
"auth_uri": "auth_uri",
"token_uri": "token_uri",
"auth_provider_x509_cert_url": "auth_provider_x509_cert_url",
"client_x509_cert_url": "client_x509_cert_url"
}
Owen McMahon
04/07/2023, 8:45 PMCloudRunJob
Infrastructure Block, so I don't think it is possible to change at the moment. Blocker for us as well in terms of being able to utilize the Infra Block.Eric Ma
04/07/2023, 8:46 PMJeff Hale
04/10/2023, 2:56 PMOwen McMahon
04/11/2023, 5:58 PMJeff Hale
04/11/2023, 6:23 PMOwen McMahon
04/11/2023, 6:51 PM