Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

The storage.googleapis.com service identity should use google_storage_project_service_account #803

Closed
strongishllama opened this issue Mar 23, 2023 · 3 comments
Closed

The storage.googleapis.com service identity should use google_storage_project_service_account #803

strongishllama opened this issue Mar 23, 2023 · 3 comments
Labels
bug Something isn't working Stale

Comments

@strongishllama
Copy link

strongishllama commented Mar 23, 2023
edited
Loading

TL;DR

Currently, when the activate_api_identities variable contains an object where the api property is set to storage.googleapis.com it will attempt to use the google_project_service_identity resource to activate the service idedentity. It instead should use the google_storage_project_service_account data resource, similar to how the compute.googleapis.com is handled.

Expected behavior

The service identity under the storage.googleapis.com is created and any roles passed are bound to it.

Observed behavior

A failed deployment when passing in the following object to the activate_api_identities variable.

{
    api = "storage.googleapis.com"
    roles = [
        "roles/pubsub.publisher"
    ]
}

Terraform Configuration

module "project" {
  source  = "terraform-google-modules/project-factory/google"
  version = "~> 13.0.0"

  activate_api_identities = [
    {
      api = "storage.googleapis.com"
      roles = [
        "roles/pubsub.publisher"
      ]
    }
  ]
  auto_create_network                = false
  billing_account                    = "BILLING_ACCOUNT"
  default_service_account            = "disable"
  folder_id                          = "FOLDER_ID"
  grant_services_security_admin_role = false
  labels                             = {}
  name                               = "PROJECT_NAME"
  org_id                             = "ORG_ID"
  random_project_id                  = false
}

Terraform Version

Terraform v1.3.3
on darwin_amd64

Additional information

No response
@strongishllama strongishllama added the bug Something isn't working label Mar 23, 2023
@github-actions
Copy link

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

@github-actions github-actions bot added the Stale label May 22, 2023
@strongishllama
Copy link
Author

bump

@github-actions github-actions bot removed the Stale label May 23, 2023
@github-actions
Copy link

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

@github-actions github-actions bot added the Stale label Jul 23, 2023
@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Jul 31, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working Stale
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@strongishllama