Merge branch 'master' into master
This commit is contained in:
commit
5f190bd01d
|
@ -314,7 +314,7 @@ module "hub" {
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
# tftest modules=8 resources=31
|
# tftest modules=8 resources=32
|
||||||
```
|
```
|
||||||
<!-- BEGIN TFDOC -->
|
<!-- BEGIN TFDOC -->
|
||||||
|
|
||||||
|
|
|
@ -189,6 +189,7 @@ This table lists all affected services and roles that you need to grant to servi
|
||||||
| cloudasset.googleapis.com | cloudasset | roles/cloudasset.serviceAgent |
|
| cloudasset.googleapis.com | cloudasset | roles/cloudasset.serviceAgent |
|
||||||
| cloudbuild.googleapis.com | cloudbuild | roles/cloudbuild.builds.builder |
|
| cloudbuild.googleapis.com | cloudbuild | roles/cloudbuild.builds.builder |
|
||||||
| gkehub.googleapis.com | fleet | roles/gkehub.serviceAgent |
|
| gkehub.googleapis.com | fleet | roles/gkehub.serviceAgent |
|
||||||
|
| meshconfig.googleapis.com | servicemesh | roles/anthosservicemesh.serviceAgent |
|
||||||
| multiclusteringress.googleapis.com | multicluster-ingress | roles/multiclusteringress.serviceAgent |
|
| multiclusteringress.googleapis.com | multicluster-ingress | roles/multiclusteringress.serviceAgent |
|
||||||
| pubsub.googleapis.com | pubsub | roles/pubsub.serviceAgent |
|
| pubsub.googleapis.com | pubsub | roles/pubsub.serviceAgent |
|
||||||
| sqladmin.googleapis.com | sqladmin | roles/cloudsql.serviceAgent |
|
| sqladmin.googleapis.com | sqladmin | roles/cloudsql.serviceAgent |
|
||||||
|
|
|
@ -50,6 +50,7 @@ locals {
|
||||||
notebooks = "service-%s@gcp-sa-notebooks"
|
notebooks = "service-%s@gcp-sa-notebooks"
|
||||||
pubsub = "service-%s@gcp-sa-pubsub"
|
pubsub = "service-%s@gcp-sa-pubsub"
|
||||||
secretmanager = "service-%s@gcp-sa-secretmanager"
|
secretmanager = "service-%s@gcp-sa-secretmanager"
|
||||||
|
servicemesh = "service-%s@gcp-sa-servicemesh"
|
||||||
sql = "service-%s@gcp-sa-cloud-sql"
|
sql = "service-%s@gcp-sa-cloud-sql"
|
||||||
sqladmin = "service-%s@gcp-sa-cloud-sql"
|
sqladmin = "service-%s@gcp-sa-cloud-sql"
|
||||||
storage = "service-%s@gs-project-accounts"
|
storage = "service-%s@gs-project-accounts"
|
||||||
|
@ -81,6 +82,7 @@ locals {
|
||||||
"gkehub.googleapis.com", # grant roles/gkehub.serviceAgent to fleet
|
"gkehub.googleapis.com", # grant roles/gkehub.serviceAgent to fleet
|
||||||
"multiclusteringress.googleapis.com", # grant roles/multiclusteringress.serviceAgent to multicluster-ingress
|
"multiclusteringress.googleapis.com", # grant roles/multiclusteringress.serviceAgent to multicluster-ingress
|
||||||
"pubsub.googleapis.com", # grant roles/pubsub.serviceAgent to pubsub
|
"pubsub.googleapis.com", # grant roles/pubsub.serviceAgent to pubsub
|
||||||
|
"meshconfig.googleapis.com", # grant roles/anthosservicemesh.serviceAgent to meshconfig
|
||||||
"secretmanager.googleapis.com", # no grants needed
|
"secretmanager.googleapis.com", # no grants needed
|
||||||
"sqladmin.googleapis.com", # grant roles/cloudsql.serviceAgent to sqladmin (TODO: verify)
|
"sqladmin.googleapis.com", # grant roles/cloudsql.serviceAgent to sqladmin (TODO: verify)
|
||||||
]
|
]
|
||||||
|
|
Loading…
Reference in New Issue