Architecture

This guide describes the architecture diagram and access policies in a compute plane in your GCP account

GCP Architecture Diagram

Please refer to the "Access Policies" section for details of each access policy.

Access Policy	Role	Reason
RolePolicy - Blob storage - link Secret manager - link Artifact Registry - link Cluster viewer - link Cluster Autoscaler - link	`<cluster_name>-platform-user`	Roles assumed by the TrueFoundry user are added for the following reason: To create and manage blob storage buckets To create and manage secrets within secret manager to be used within the platform To pull and push images to artifact registry To enable cloud integration for GCP. This is used to surface node level details in the platform To allow viewing cluster autoscaler logs

Access Policy

Role

Reason

RolePolicy -

<cluster_name>-platform-user

Roles assumed by the TrueFoundry user are added for the following reason:

To create and manage blob storage buckets
To create and manage secrets within secret manager to be used within the platform
To pull and push images to artifact registry
To enable cloud integration for GCP. This is used to surface node level details in the platform
To allow viewing cluster autoscaler logs

Updated about 1 month ago