fixed permissions for security stage SA (#1376)
it should be able to use automation project as a quota project, hence it needs `serviceusage.serviceUsageConsumer` role
This commit is contained in:
parent
78ed6a8af6
commit
7861ea74b8
|
@ -59,6 +59,11 @@ module "branch-security-sa" {
|
|||
try(module.branch-security-sa-cicd.0.iam_email, null)
|
||||
])
|
||||
}
|
||||
iam_project_roles = {
|
||||
(var.automation.project_id) = [
|
||||
"roles/serviceusage.serviceUsageConsumer",
|
||||
]
|
||||
}
|
||||
iam_storage_roles = {
|
||||
(var.automation.outputs_bucket) = ["roles/storage.objectAdmin"]
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue