...
Add the below predefined roles in service account used by Kyvos cluster.
BigQuery data viewer
BigQuery user
Dataproc Worker
Cloud Functions Admin
Cloud Scheduler Admin
Cloud Scheduler Service Agent
Service Account User
Logs Writer
Workload Identity User
Permissions for Cross-Project Datasets Access with BigQuery:
Use the same service account that is being used by Kyvos VMs.
Give the following roles to the above-created service account on the BigQuery Project.
BigQuery Data Viewer
BigQuery User
Prerequisites for Cross-Project BigQuery setup and Kyvos VMs.
Use the same service account that is being used by Kyvos VMs.
To the service account used by Kyvos VMs, give the following roles on the BigQuery Project:
BigQuery Data Viewer
BigQuery User
For accessing BigQuery Views, add the following permissions to the Kyvos custom role (created above).
bigquery.tables.create
bigquery.tables.delete
bigquery.tables.update
bigquery.tables.updateData
Permissions to generate Temporary Views in Separate Dataset when performing the validation/preview operation from Kyvos on Google BigQuery.
bigquery.tables.create = permissions to create a new table
bigquery.tables.updateData = to write data to a new table, overwrite a table, or append data to a table
In the API and identity management section, for Cloud API access scopes, the Allow full access to all Cloud APIs permission must be set.
Prerequisites to run Terraform form local machine
| Anchor | ||||
|---|---|---|---|---|
|
Download and install Terraform on your local machine.
To install Terraform, refer to the Terraform documentation.
Execute Terraform init command to verify successful installation of Terraform.
Jq should be installed on your local machine.
You need a GCP account to create and manage resources. Ensure that you have the necessary permissions.Configure GCP on your local machine.
For gcloud initialization, refer to the Google documentation.
...