Skip to content

Commit fbb7a02

Browse files
davidheryantodavidheryanto
authored
Fix broken link in helm installation docs (#808)
1 parent f425d7d commit fbb7a02

File tree

2 files changed

+14
-4
lines changed

2 files changed

+14
-4
lines changed

infra/charts/feast/README.md

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -116,8 +116,13 @@ training, access to BigQuery is required. First, create a [service account](http
116116
will provide the credentials to access BigQuery. Grant the service account `editor`
117117
role so it has write permissions to BigQuery and Cloud Storage.
118118

119-
> In production, it is advised to give only the required [permissions](foo-feast-batch-serving-test) for the
120-
> the service account, versus `editor` role which is very permissive.
119+
> In production, it is advised to grant these specific roles, versus `editor`
120+
> role which is very permissive:
121+
> - **Dataflow Admin**: Permissions to create and manage Dataflow jobs
122+
> - **Service Account User**: Permissions to set a service account on Dataflow workers
123+
> - **Storage Admin**: Permissions to write files into Google Cloud Storage
124+
> - **BigQuery Data Editor**: Permissions to write data into BigQuery
125+
> - **BigQuery Job User**: Permisssions to run query in BigQuery
121126
122127
Create a Kubernetes secret for the service account JSON file:
123128
```bash

infra/charts/feast/README.md.gotmpl

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -91,8 +91,13 @@ training, access to BigQuery is required. First, create a [service account](http
9191
will provide the credentials to access BigQuery. Grant the service account `editor`
9292
role so it has write permissions to BigQuery and Cloud Storage.
9393

94-
> In production, it is advised to give only the required [permissions](foo-feast-batch-serving-test) for the
95-
> the service account, versus `editor` role which is very permissive.
94+
> In production, it is advised to grant these specific roles, versus `editor`
95+
> role which is very permissive:
96+
> - **Dataflow Admin**: Permissions to create and manage Dataflow jobs
97+
> - **Service Account User**: Permissions to set a service account on Dataflow workers
98+
> - **Storage Admin**: Permissions to write files into Google Cloud Storage
99+
> - **BigQuery Data Editor**: Permissions to write data into BigQuery
100+
> - **BigQuery Job User**: Permisssions to run query in BigQuery
96101

97102
Create a Kubernetes secret for the service account JSON file:
98103
```bash

0 commit comments

Comments
 (0)