issue with gcp artifact registry roleset: unsupported ressource type

[artifact-reg]

hello
I am trying to add permission at artifact registry repository level using vault roleset. I got unsupported ressource type
thanks for your support and best regards

cat bind.hcl
resource "https://artifactregistry.googleapis.com/v1beta2/projects/prj-id/locations/europe-west1/repositories/test123" {
roles = ["roles/artifactregistry.reader"]
}

./vault write gcp/roleset/my-token-roleset project="prj-id" secret_type="access_token" token_scopes="https://www.googleapis.com/auth/cloud-platform" [email protected]
Error writing data to gcp/roleset/my-token-roleset: Error making API request.

URL: PUT http://127.0.0.1:8200/v1/gcp/roleset/my-token-roleset
Code: 400. Errors:

• invalid resource "https://artifactregistry.googleapis.com/v1beta2/projects/prj-id/locations/europe-west1/repositories/test123": unsupported resource type: projects/locations/repositories

[austingebauer]

Thanks for opening this @artifact-reg! We currently don't support artifact registry as a resource for assigning roles, so this is a feature request. It's unlikely that we pick this up any time soon. We'd be happy to review a pull request if you want to add support.

[danjeffery]

@austingebauer I'm also interested in why this is not supported. Google is EOL very soon on container registry so this is a big deal for some folks.

A PR was contributed: #110
It was then closed with no explanation (or response from Hashicorp) a year later.

[bmaximuml]

This is fixed in: hashicorp/vault#28089