Description
I have followed this guide on how to set up a role with minimal permissions for KES.
https://github.com/minio/kes-docs/blob/main/content/integrations/google-cloud-secret-manager.md
During testing, the MinIO tenant pod went into a crash loop with the following logs:
```
level=ERROR msg="gcp: failed to read 'my-minio-key': rpc error: code = PermissionDenied desc = Permission 'secretmanager.versions.access' denied for resource 'projects/############/secrets/my-minio-key/versions/1'
```
and
```
failed to create 'my-minio-key': rpc error: code = PermissionDenied desc = Permission 'secretmanager.versions.add' denied for resource 'projects/############/secrets/my-minio-key'
```
After adding the `secretmanager.versions.access` and `secretmanager.versions.add` permissions, it worked.
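
The following is an added example, not part of the original report or of the KES project: a small script that extracts the denied permissions from KES log output like the lines above and builds the `gcloud iam roles update` command to add them. It assumes the KES service account uses a custom role; the role ID and project ID are placeholders.

```python
import re

# Matches the PermissionDenied text that Google Cloud returns through KES logs.
DENIED = re.compile(
    r"code = PermissionDenied desc = Permission '(?P<perm>[\w.]+)' "
    r"denied for resource '(?P<res>[^']+)'"
)

# Log lines copied from the report above (project number is masked there).
SAMPLE_LOG = """\
level=ERROR msg="gcp: failed to read 'my-minio-key': rpc error: code = PermissionDenied desc = Permission 'secretmanager.versions.access' denied for resource 'projects/############/secrets/my-minio-key/versions/1'
failed to create 'my-minio-key': rpc error: code = PermissionDenied desc = Permission 'secretmanager.versions.add' denied for resource 'projects/############/secrets/my-minio-key'
"""


def missing_permissions(log_text):
    """Return {permission: sorted list of secrets it was denied on}."""
    found = {}
    for line in log_text.splitlines():
        m = DENIED.search(line)
        if not m:
            continue
        # Drop a trailing /versions/N so both errors map to the same secret.
        secret = re.sub(r"/versions/[^/]+$", "", m.group("res"))
        found.setdefault(m.group("perm"), set()).add(secret)
    return {perm: sorted(res) for perm, res in sorted(found.items())}


def gcloud_fix(perms, role_id="ROLE_ID_PLACEHOLDER",
               project="PROJECT_ID_PLACEHOLDER"):
    """Build the command that adds the denied permissions to a custom role.

    role_id and project are placeholders (assumptions), not values from the report.
    """
    return (f"gcloud iam roles update {role_id} --project={project} "
            f"--add-permissions={','.join(sorted(perms))}")


if __name__ == "__main__":
    perms = missing_permissions(SAMPLE_LOG)
    for perm, resources in perms.items():
        print(perm, "->", ", ".join(resources))
    print(gcloud_fix(perms))
```

Review the generated command before running it, so the role gains only the permissions the logs show as denied.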