zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1623 from GoogleCloudPlatform/jccb/fix-fast-bootstrap-iam 

Fix role name for delegated grants in FAST bootstrap
This commit is contained in:
Julio Castillo 2023-08-25 08:43:20 +02:00 committed by GitHub
parent 5b43ed270d 44a65f79e5
commit e4a33b56e0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
fast/stages/0-bootstrap/organization.tf
View File

@ -88,9 +88,8 @@ module "organization" {
)
# delegated role grant for resource manager service account
iam_bindings = {
sa_resman_delegated_iam = {
(module.organization.custom_role_id[var.custom_role_names.organization_iam_admin]) = {
members = [module.automation-tf-resman-sa.iam_email]
role = module.organization.custom_role_id[var.custom_role_names.organization_iam_admin]
condition = {
expression = format(
"api.getAttribute('iam.googleapis.com/modifiedGrantsByRole', []).hasOnly([%s])",