zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1178 from valeriobponza/master 

adding meshconfig.googleapis.com to JIT list.
This commit is contained in:
Julio Castillo 2023-02-24 19:28:04 +01:00 committed by GitHub
parent 72a11897a6 899960c247
commit 3e4eb5207a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
modules/gke-hub/README.md
View File

@ -314,7 +314,7 @@ module "hub" {
] ]
} }
# tftest modules=8 resources=31 # tftest modules=8 resources=32
``` ```
<!-- BEGIN TFDOC --> <!-- BEGIN TFDOC -->

1
modules/project/README.md
View File

@ -189,6 +189,7 @@ This table lists all affected services and roles that you need to grant to servi
| cloudasset.googleapis.com | cloudasset | roles/cloudasset.serviceAgent | | cloudasset.googleapis.com | cloudasset | roles/cloudasset.serviceAgent |
| cloudbuild.googleapis.com | cloudbuild | roles/cloudbuild.builds.builder | | cloudbuild.googleapis.com | cloudbuild | roles/cloudbuild.builds.builder |
| gkehub.googleapis.com | fleet | roles/gkehub.serviceAgent | | gkehub.googleapis.com | fleet | roles/gkehub.serviceAgent |
| meshconfig.googleapis.com | servicemesh | roles/anthosservicemesh.serviceAgent |
| multiclusteringress.googleapis.com | multicluster-ingress | roles/multiclusteringress.serviceAgent | | multiclusteringress.googleapis.com | multicluster-ingress | roles/multiclusteringress.serviceAgent |
| pubsub.googleapis.com | pubsub | roles/pubsub.serviceAgent | | pubsub.googleapis.com | pubsub | roles/pubsub.serviceAgent |
| sqladmin.googleapis.com | sqladmin | roles/cloudsql.serviceAgent | | sqladmin.googleapis.com | sqladmin | roles/cloudsql.serviceAgent |

2
modules/project/service-accounts.tf
View File

@ -50,6 +50,7 @@ locals {
notebooks = "service-%s@gcp-sa-notebooks" notebooks = "service-%s@gcp-sa-notebooks"
pubsub = "service-%s@gcp-sa-pubsub" pubsub = "service-%s@gcp-sa-pubsub"
secretmanager = "service-%s@gcp-sa-secretmanager" secretmanager = "service-%s@gcp-sa-secretmanager"
servicemesh = "service-%s@gcp-sa-servicemesh"
sql = "service-%s@gcp-sa-cloud-sql" sql = "service-%s@gcp-sa-cloud-sql"
sqladmin = "service-%s@gcp-sa-cloud-sql" sqladmin = "service-%s@gcp-sa-cloud-sql"
storage = "service-%s@gs-project-accounts" storage = "service-%s@gs-project-accounts"
@ -81,6 +82,7 @@ locals {
"gkehub.googleapis.com", # grant roles/gkehub.serviceAgent to fleet "gkehub.googleapis.com", # grant roles/gkehub.serviceAgent to fleet
"multiclusteringress.googleapis.com", # grant roles/multiclusteringress.serviceAgent to multicluster-ingress "multiclusteringress.googleapis.com", # grant roles/multiclusteringress.serviceAgent to multicluster-ingress
"pubsub.googleapis.com", # grant roles/pubsub.serviceAgent to pubsub "pubsub.googleapis.com", # grant roles/pubsub.serviceAgent to pubsub
"meshconfig.googleapis.com", # grant roles/anthosservicemesh.serviceAgent to meshconfig
"secretmanager.googleapis.com", # no grants needed "secretmanager.googleapis.com", # no grants needed
"sqladmin.googleapis.com", # grant roles/cloudsql.serviceAgent to sqladmin (TODO: verify) "sqladmin.googleapis.com", # grant roles/cloudsql.serviceAgent to sqladmin (TODO: verify)
] ]