[英]IBM Cloud: Least privileges for service ID that needs to update a Code Engine app?
I am using IBM Cloud Code Engine to deploy my containerized apps.我正在使用 IBM Cloud Code Engine 来部署我的容器化应用程序。 Now, I would like to use a service ID (or its API key) to run a toolchain and within to update an already existing app.
现在,我想使用服务 ID(或其 API 密钥)来运行工具链并在其中更新现有的应用程序。 What privileges are needed to push the new container image to a private registry and to update the app from that image?
将新容器镜像推送到私有注册表并从该镜像更新应用程序需要哪些权限?
It seems the following privileges are needed.似乎需要以下权限。 They can be created as access policies within an IBM Cloud IAM access group .
它们可以创建为IBM Cloud IAM 访问组中的访问策略。 The service ID is then added to that access group.
然后将服务 ID 添加到该访问组。
With the above privileges my pipeline could run successfully.有了以上权限,我的管道就可以成功运行了。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.