Skip to content

OCPBUGS-54675: Add permissions for using keys for encryption #91757

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

OCPBUGS-54675: Add permissions for using keys for encryption #91757

wants to merge 1 commit into from

Conversation

barbacbd
Copy link
Contributor

@barbacbd barbacbd commented Apr 7, 2025

OCPBUGS-54675: Add permissions for using keys for encryption

Version(s):

4.19+

Issue:

Link to this bug: https://issues.redhat.com/browse/OCPBUGS-54675

Link to docs preview:

QE review:

  • QE has approved this change.

Additional information:

After adding https://issues.redhat.com/browse/OCPBUGS-52203, the permission cloudkms.cryptoKeyVersions.useToEncrypt is required when a user wants to use the key for data encryption.

@brendan-daly-red-hat
@jianli-wei

@barbacbd
OCPBUGS-54675: Add permissions for using keys for encryption
2e7c68f 
** GCP KMS keys are used for encrypting data. The permission to use the keys for encryption is
cloudkms.cryptoKeyVersions.useToEncrypt.
@openshift-ci-robot openshift-ci-robot added jira/severity-moderate Referenced Jira bug's severity is moderate for the branch this PR is targeting. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. labels Apr 7, 2025
@openshift-ci-robot
Copy link

@barbacbd: This pull request references Jira Issue OCPBUGS-54675, which is valid. The bug has been moved to the POST state.

3 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug target version (4.19.0) matches configured target version for branch (4.19.0)
  • bug is in the state ASSIGNED, which is one of the valid states (NEW, ASSIGNED, POST)

Requesting review from QA contact:
/cc @jianli-wei

The bug has been updated to refer to the pull request using the external bug tracker.

In response to this:

OCPBUGS-54675: Add permissions for using keys for encryption

Version(s):

4.19+

Issue:

Link to this bug: https://issues.redhat.com/browse/OCPBUGS-54675

Link to docs preview:

QE review:

  • QE has approved this change.

Additional information:

After adding https://issues.redhat.com/browse/OCPBUGS-52203, the permission cloudkms.cryptoKeyVersions.useToEncrypt is required when a user wants to use the key for data encryption.

@brendan-daly-red-hat
@jianli-wei

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci openshift-ci bot requested a review from jianli-wei April 7, 2025 14:51
@openshift-ci openshift-ci bot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label Apr 7, 2025
@ocpdocs-previewbot
Copy link

🤖 Mon Apr 07 14:58:11 - Prow CI generated the docs preview:

https://91757--ocpdocs-pr.netlify.app/openshift-enterprise/latest/installing/installing_gcp/installing-gcp-account.html
https://91757--ocpdocs-pr.netlify.app/openshift-enterprise/latest/installing/installing_gcp/installing-gcp-user-infra.html
https://91757--ocpdocs-pr.netlify.app/openshift-enterprise/latest/installing/installing_gcp/installing-restricted-networks-gcp.html

@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Apr 7, 2025

@barbacbd: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jianli-wei jianli-wei Awaiting requested review from jianli-wei

@brendan-daly-red-hat brendan-daly-red-hat Awaiting requested review from brendan-daly-red-hat

Assignees
No one assigned
Labels
jira/severity-moderate Referenced Jira bug's severity is moderate for the branch this PR is targeting. jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. size/S Denotes a PR that changes 10-29 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@barbacbd @openshift-ci-robot @ocpdocs-previewbot