mirror of
https://github.com/google/nomulus.git
synced 2025-05-02 04:57:51 +02:00
6dec95b980
With terraform (https://terraform.io) we can convert most of the infrastructure setup into code. This simplifies setting up a new proxy as well as providing reproducibility in the setup, eliminating human errors as much as possible. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=190634711
26 lines
939 B
HCL
26 lines
939 B
HCL
resource "google_service_account" "proxy_service_account" {
|
|
account_id = "proxy-service-account"
|
|
display_name = "Nomulus proxy service account"
|
|
}
|
|
|
|
resource "google_project_iam_member" "nomulus_project_viewer" {
|
|
project = "${var.nomulus_project_name}"
|
|
role = "roles/viewer"
|
|
member = "serviceAccount:${google_service_account.proxy_service_account.email}"
|
|
}
|
|
|
|
resource "google_project_iam_member" "gcr_storage_viewer" {
|
|
project = "${var.gcr_project_name}"
|
|
role = "roles/storage.objectViewer"
|
|
member = "serviceAccount:${google_service_account.proxy_service_account.email}"
|
|
}
|
|
|
|
resource "google_project_iam_member" "metric_writer" {
|
|
role = "roles/monitoring.metricWriter"
|
|
member = "serviceAccount:${google_service_account.proxy_service_account.email}"
|
|
}
|
|
|
|
resource "google_project_iam_member" "log_writer" {
|
|
role = "roles/logging.logWriter"
|
|
member = "serviceAccount:${google_service_account.proxy_service_account.email}"
|
|
}
|