14 lines
594 B
HCL
14 lines
594 B
HCL
resource "google_service_account" "job_sa" {
|
|
account_id = "sa-${var.job_name}-${var.env_name}"
|
|
display_name = "Cloud Run Job Service Account for ${var.job_name} in ${var.env_name} environment"
|
|
description = "Cloud Run Job Service Account for ${var.job_name} in ${var.env_name} environment"
|
|
project = var.project_id
|
|
}
|
|
|
|
# IAM role assignment
|
|
# Cloud Run Job実行に必要な権限を付与
|
|
resource "google_project_iam_member" "run_job_invoker" {
|
|
project = var.project_id
|
|
role = "roles/run.invoker"
|
|
member = "serviceAccount:${google_service_account.job_sa.email}"
|
|
} |