fix(DOC-2058): clarify GCP IAM permissions are for agent, not Terraform bootstrap #531

Open
mfernest wants to merge 4 commits into main from fix/doc-2058-gcp-iam-bootstrap-misleading

@mfernest mfernest commented Mar 17, 2026

Summary

This pull request improves the documentation for creating BYOC clusters on GCP by clarifying prerequisites, separating bootstrap and agent permissions, and updating IAM permissions guidance. The changes help users better understand the required setup and permissions for successful cluster deployment.

  • Added a new prerequisites section to the BYOC GCP cluster creation guide, specifying the required rpk version, necessary GCP user/service account permissions (roles/editor or higher), and Google Cloud CLI setup steps.
  • Clarified that the permissions required by the Redpanda agent are assigned during agent deployment, and provided a reference to the relevant IAM permissions documentation.
  • Updated the IAM policies partial to clarify that the listed permissions are for the Redpanda agent service account (not the user's GCP account) and are not required for the initial Terraform bootstrap.

Preview pages

Create BYOC on GCP
GCP IAM Policies

Fixes DOC-2058

Generated with Claude Code

…rm bootstrap

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@mfernest mfernest requested a review from a team as a code owner March 17, 2026 19:40

coderabbitai bot commented Mar 17, 2026

Walkthrough

This pull request updates the GCP BYOC documentation to clarify IAM permissions. The change specifies that the described IAM permissions are those used by the Redpanda agent service account to manage BYOC resources, distinguishing them from the permissions a user's GCP account needs for the initial Terraform bootstrap. A link reference is also updated from plural to singular form.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~5 minutes

Suggested reviewers

  • kbatuigas
  • razalkind
  • micheleRP

Pre-merge checks (3 passed)

  • Title check: Passed. The title clearly and specifically describes the main change: clarifying that GCP IAM permissions apply to the agent service account, not Terraform bootstrap.
  • Docstring Coverage: Passed. No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
  • Description check: Passed. The pull request description is comprehensive and well-structured, clearly explaining the changes made and their purpose.


netlify bot commented Mar 17, 2026

Deploy Preview for rp-cloud ready!

  • Latest commit: 8a1155d
  • Latest deploy log: https://app.netlify.com/projects/rp-cloud/deploys/69c5c74e31eae20008f8eb4f
  • Deploy Preview: https://deploy-preview-531--rp-cloud.netlify.app

@matteogaraventa

Thanks for the update @mfernest.

The new docs version makes it clear that such docs page doesn't cover the initial Terraform bootstrap use-case, however this is precisely what the customer's pain point is, which prompted him to raise two Zendesk tickets.

So is there a plan to create dedicated documentation for the needed permissions for the initial Terraform bootstrap use-case?

Thanks a lot.

CC: @gavinheavyside @jason-da-redpanda

@micheleRP

> Thanks for the update @mfernest.
>
> The new docs version makes it clear that such docs page doesn't cover the initial Terraform bootstrap use-case, however this is precisely what the customer's pain point is, which prompted him to raise two Zendesk tickets.
>
> So is there a plan to create dedicated documentation for the needed permissions for the initial Terraform bootstrap use-case?
>
> Thanks a lot.
>
> CC: @gavinheavyside @jason-da-redpanda

@matteogaraventa I've made some updates: please review this again!
