24 lines
1.1 KiB
HCL
24 lines
1.1 KiB
HCL
resource "google_service_account" "account" {
|
|
account_id = "sa-${var.env_name}-${var.component_name}"
|
|
display_name = "Cloud Run Job Service Account for ${var.env_name} in ${var.component_name} environment"
|
|
description = "Cloud Run Job Service Account for ${var.env_name} in ${var.component_name} environment"
|
|
project = var.project_id
|
|
}
|
|
|
|
# Cloud FunctionのIAM設定
|
|
resource "google_cloudfunctions2_function_iam_member" "invoker" {
|
|
project = google_cloudfunctions2_function.function.project
|
|
location = google_cloudfunctions2_function.function.location
|
|
cloud_function = google_cloudfunctions2_function.function.name
|
|
role = "roles/cloudfunctions.invoker"
|
|
member = "serviceAccount:${google_service_account.account.email}"
|
|
}
|
|
|
|
# Cloud Run ServiceのIAM設定
|
|
resource "google_cloud_run_service_iam_member" "cloud_run_invoker" {
|
|
project = google_cloudfunctions2_function.function.project
|
|
location = google_cloudfunctions2_function.function.location
|
|
service = google_cloudfunctions2_function.function.name
|
|
role = "roles/run.invoker"
|
|
member = "serviceAccount:${google_service_account.account.email}"
|
|
} |