GCP Architecture Diagram

Please refer to the “Access Policies” section for details of each access policy.

Access Policies

Access Policy: Role policy
- Blob storage
- Secret manager
- Artifact Registry
- Cluster viewer
- Cluster Autoscaler

Role: <cluster_name>-platform-user

Reason: Roles assumed by the TrueFoundry user are added for the following reasons:
- To create and manage blob storage buckets
- To create and manage secrets within secret manager to be used within the platform
- To pull and push images to artifact registry
- To enable cloud integration for GCP. This is used to surface node-level details in the platform
- To allow viewing cluster autoscaler logs