Skip to content
This repository has been archived by the owner on Sep 21, 2020. It is now read-only.

Commit

Permalink
Add preferences, flowmanager individual SAs into common gcp-project
Browse files Browse the repository at this point in the history
  • Loading branch information
@natarajaya
natarajaya committed Jul 2, 2019
1 parent 9bb9880 commit ec65c18
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 0 deletions.
8 changes: 8 additions & 0 deletions common/modules/gcp-project/main.tf
View file
Expand Up @@ -261,6 +261,8 @@ data "google_iam_policy" "combined" {
"serviceAccount:${google_service_account.gke_cluster_node.email}",
"serviceAccount:${google_service_account.gke_cluster_pod_default.email}",
"serviceAccount:${google_service_account.gke_cluster_pod_backup_exporter.email}",
"serviceAccount:${google_service_account.gke_cluster_pod_preferences.email}",
"serviceAccount:${google_service_account.gke_cluster_pod_flowmanager.email}",
]
}

Expand All @@ -271,6 +273,8 @@ data "google_iam_policy" "combined" {
"serviceAccount:${google_service_account.gke_cluster_node.email}",
"serviceAccount:${google_service_account.gke_cluster_pod_default.email}",
"serviceAccount:${google_service_account.gke_cluster_pod_backup_exporter.email}",
"serviceAccount:${google_service_account.gke_cluster_pod_preferences.email}",
"serviceAccount:${google_service_account.gke_cluster_pod_flowmanager.email}",
]
}

Expand All @@ -281,6 +285,8 @@ data "google_iam_policy" "combined" {
"serviceAccount:${google_service_account.gke_cluster_node.email}",
"serviceAccount:${google_service_account.gke_cluster_pod_default.email}",
"serviceAccount:${google_service_account.gke_cluster_pod_backup_exporter.email}",
"serviceAccount:${google_service_account.gke_cluster_pod_preferences.email}",
"serviceAccount:${google_service_account.gke_cluster_pod_flowmanager.email}",
]
}

Expand All @@ -291,6 +297,8 @@ data "google_iam_policy" "combined" {
"serviceAccount:${google_service_account.gke_cluster_node.email}",
"serviceAccount:${google_service_account.gke_cluster_pod_default.email}",
"serviceAccount:${google_service_account.gke_cluster_pod_backup_exporter.email}",
"serviceAccount:${google_service_account.gke_cluster_pod_preferences.email}",
"serviceAccount:${google_service_account.gke_cluster_pod_flowmanager.email}",
]
}

Expand Down
14 changes: 14 additions & 0 deletions common/modules/gcp-project/service_accounts.tf
View file
Expand Up @@ -32,3 +32,17 @@ resource "google_service_account" "gke_cluster_pod_k8s_snapshots" {
display_name = "gke-cluster-pod-k8s-snapshots"
project = "${google_project.project.project_id}"
}

# Service account for preferences
resource "google_service_account" "gke_cluster_pod_preferences" {
account_id = "gke-cluster-pod-preferences"
display_name = "gke-cluster-pod-preferences"
project = "${google_project.project.project_id}"
}

# Service account for flowmanger
resource "google_service_account" "gke_cluster_pod_flowmanager" {
account_id = "gke-cluster-pod-flowmanager"
display_name = "gke-cluster-pod-flowmanager"
project = "${google_project.project.project_id}"
}

0 comments on commit ec65c18

Please sign in to comment.