provider-gcp
provider-gcp copied to clipboard
Cannot create GKE Admin role permissions with current IAM Resource
What problem are you facing?
When we attempt to grant a ServiceAccount resource GKE Cluster Admin, we see the following error:
create failed: cannot set policy of CryptoKey: googleapi: Error 400:
Role roles/container.clusterAdmin is not supported for this resource.,
badRequest
It appears that this role can only be assigned as a binding on the Projects api, not as a policy on a ServiceAccount.
How could Crossplane help solve your problem?
Implement bindings on the projects API for GCP.