add config option to use spanner_sys_reader fgac role

[maduris]

trafficstars

Description: adding an option to enable using Spanner fine grained role "spanner_sys_role" to read sys tables from spanner databases

Link to tracking Issue: <Issue number if applicable>

Testing: <Describe what testing was performed and which tests were added.>

Documentation:

This role already has the read permissions on the spanner sys tables https://cloud.google.com/spanner/docs/fgac-system-roles#spanner_sys_reader

The service account that the receiver uses need to still grant the IAM roles following the guide https://cloud.google.com/spanner/docs/configure-fgac#grant-fgac-role

[linux-foundation-easycla[bot]]

The committers listed above are authorized under a signed CLA.

• :white_check_mark: login: maduris / name: sai (3f83f8ec0d27190b16ee9cc6d6f2691883ccefa5, ce1d79cfe6ed4b4af1dcac6e381e2dfe02732145, 257f58b1a8ee59c834b97be7ef3dda1a6ae4426d, 6115531c551831a794fe75cc11392d3e5c9fd5d7, db4565976fc50822a39ecb8b4c9f2e8a7fbdbe75, aea55b6c28bbc3e8d0a548a975d7affdf9753f0c, aaafc6a44308053eb756b7eb0a56fd1cdf24ffc0, bbbe2745d89a40e054c500db05dfb0b8f4c7fcf4, eca3121236864c44c37426a2eb6c2f71626af286, 045934500c385970cf1ae73770c1d65f1c213d5c, 206ec08a92d14bfffd752246d1b46c3fa090394e)

[krzko]

Just as a heads up, we've build a custom collector and validated that this works in our nonprod ennvironments, we can see the spanner metrics coming through

[github-actions[bot]]

This PR was marked stale due to lack of activity. It will be closed in 14 days.

[github-actions[bot]]

Closed as inactive. Feel free to reopen if this PR is still being worked on.

[krzko]

Can we please keep this opened, we're wanting FGAC support to be added to the Spanner Receiver

[github-actions[bot]]

This PR was marked stale due to lack of activity. It will be closed in 14 days.

[github-actions[bot]]

Closed as inactive. Feel free to reopen if this PR is still being worked on.