
  1. Click Roles > Create new role. Provide a name, such as secret-manager-role for the storage service, and assign the following permissions:

    • secretmanager.versions.access

    • secretmanager.versions.add

  2. Go to IAM & Admin > IAM. Search for the service account that was created for Kyvos.

  3. Click Edit Principal.

  4. Click Add another role. Select the secret-manager-role (created in Step 1).

  5. Click Add condition.

  6. Enter the Title as Secret Manager permission, and add conditions as:

    1. Adding the first condition

      1. Select the Condition Type as Resource > Name.

      2. Select the Operator as Starts with.

      3. In the Value field, enter the Resource ID of Secret Manager captured in the Creating a secret section.

    2. Adding the second condition

      1. Click Add to add another condition.

      2. Select the Condition Type as Resource > Service.

      3. Select the Operator as is.

      4. In Resource Service, select the secretmanager.googleapis.com service. To know more about this service, refer to Google Documentation.

    3. Click Save.
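
For reference, the console steps above correspond to the gcloud commands printed by the script below, which also checks locally which resource names the "Starts with" condition would match. This is an added example, not part of the Kyvos documentation; the project ID, service account email, secret resource name and role ID are constructed placeholders.

```bash
#!/usr/bin/env bash
# Constructed placeholders; substitute your own values.
PROJECT_ID="example-project"
SA_EMAIL="kyvos-sa@example-project.iam.gserviceaccount.com"
SECRET_RESOURCE="projects/123456789012/secrets/kyvos-secret"
ROLE_ID="secret_manager_role"   # role IDs cannot contain hyphens; the title can

# CEL expression equivalent to the two console conditions joined with AND.
build_condition() {
  printf 'resource.name.startsWith("%s") && resource.service == "secretmanager.googleapis.com"' "$1"
}

# Local emulation of that expression: args are prefix, resource name, service.
condition_matches() {
  [ "$3" = "secretmanager.googleapis.com" ] || return 1
  case "$2" in
    "$1"*) return 0 ;;
    *)     return 1 ;;
  esac
}

# Print (do not run) the gcloud commands for steps 1 to 6.
print_commands() {
  cat <<EOF
gcloud iam roles create $ROLE_ID --project=$PROJECT_ID \\
  --title="secret-manager-role" \\
  --permissions=secretmanager.versions.access,secretmanager.versions.add
gcloud projects add-iam-policy-binding $PROJECT_ID \\
  --member="serviceAccount:$SA_EMAIL" \\
  --role="projects/$PROJECT_ID/roles/$ROLE_ID" \\
  --condition='title=Secret Manager permission,expression=$(build_condition "$SECRET_RESOURCE")'
EOF
}

print_commands
# "Starts with" is a plain string prefix: a sibling secret whose name extends
# the prefix also matches, so choose secret names with that in mind.
for name in "$SECRET_RESOURCE/versions/1" \
            "$SECRET_RESOURCE-backup/versions/1" \
            "projects/123456789012/secrets/other/versions/1"; do
  if condition_matches "$SECRET_RESOURCE" "$name" "secretmanager.googleapis.com"; then
    echo "ALLOW $name"
  else
    echo "DENY  $name"
  fi
done
```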