From 71a14f5193722b2f6b01d3a128cedb2575e06fd1 Mon Sep 17 00:00:00 2001 From: Daniel McMahon <50181878+igloodan@users.noreply.github.com> Date: Wed, 1 Feb 2023 20:59:35 +0000 Subject: [PATCH] Fix docs google permissions (#9556) * include project level IAM requirements * add name to authors.md * Update certbot-dns-google/certbot_dns_google/__init__.py Co-authored-by: alexzorin * Update certbot-dns-google/certbot_dns_google/__init__.py Co-authored-by: alexzorin * Update certbot-dns-google/certbot_dns_google/__init__.py Co-authored-by: alexzorin --------- Co-authored-by: Daniel McMahon Co-authored-by: alexzorin --- AUTHORS.md | 1 + certbot-dns-google/certbot_dns_google/__init__.py | 13 +++++++++++++ 2 files changed, 14 insertions(+) diff --git a/AUTHORS.md b/AUTHORS.md index 4b8dd9e73..410e72030 100644 --- a/AUTHORS.md +++ b/AUTHORS.md @@ -68,6 +68,7 @@ Authors * [Daniel Convissor](https://github.com/convissor) * [Daniel "Drex" Drexler](https://github.com/aeturnum) * [Daniel Huang](https://github.com/dhuang) +* [Daniel McMahon] (https://github.com/igloodan) * [Dave Guarino](https://github.com/daguar) * [David cz](https://github.com/dave-cz) * [David Dworken](https://github.com/ddworken) diff --git a/certbot-dns-google/certbot_dns_google/__init__.py b/certbot-dns-google/certbot_dns_google/__init__.py index 2cac34652..19f81c0c6 100644 --- a/certbot-dns-google/certbot_dns_google/__init__.py +++ b/certbot-dns-google/certbot_dns_google/__init__.py @@ -38,6 +38,19 @@ for an account with the following permissions: * ``dns.resourceRecordSets.list`` * ``dns.resourceRecordSets.update`` +(The closest role is `dns.admin `_). + +If the above permissions are assigned at the `resource level `_, the same user must +have, at the PROJECT level, the following permissions: + +* ``dns.managedZones.get`` +* ``dns.managedZones.list`` + +(The closest role is `dns.reader `_). + Google provides instructions for `creating a service account `_ and `information about the required permissions