Hi Google Community,
In our current project we are using Publish Message as policy to publish message in pub-sub GCP components. We are doing CI/CD deployment using apigee-cli cmd, so to use this policy we have to specify service account account detail while doing deployment of the proxy.
Currently we have enabled below roles in the assigned service account
role1: roles/apigee.environmentAdmin
role2: roles/apihub.admin
role3: **roles/apigee.apiAdminV2
**
But as we have not mentioned roles specific to pub sub, the apigee is not allowing to deploy.
Is the below roles will be sufficient.
-
roles/pubsub.publisher
-
roles/pubsub.editor
-
roles/pubsub.subscriber
Can you suggest please.