Skip to content

Commit

Permalink
Merge pull request #55 from Vizzuality/infrastructure/service_account…
Browse files Browse the repository at this point in the history 
…_for_data_pipelines

Permissions for data pipelines service account
  • Loading branch information
Agnieszka Figiel authored Nov 14, 2023
2 parents 2d92796 + ae46d5c commit c75b08b
Showing 1 changed file with 22 additions and 0 deletions.
22 changes: 22 additions & 0 deletions infrastructure/base/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,3 +34,25 @@ module "dns" {
domain = var.domain
name = "skytruth"
}

resource "google_service_account" "data_pipelines_service_account" {
project = var.gcp_project_id
account_id = "data-pipelines"
display_name = "data-pipelines"
description = "Data Pipelines Service Account"
}

import {
id = "projects/x30-399415/serviceAccounts/[email protected]"
to = google_service_account.data_pipelines_service_account
}

data "google_storage_bucket" "data_pipelines_bucket" {
name = "vector-data-raw"
}

resource "google_storage_bucket_iam_member" "member" {
bucket = data.google_storage_bucket.data_pipelines_bucket.name
role = "roles/storage.admin"
member = "serviceAccount:${google_service_account.data_pipelines_service_account.email}"
}

0 comments on commit c75b08b

Please sign in to comment.