admin管理员组文章数量:1398807
I have a Terraform project using Google's Cloud Foundation Fabric modules. I have a service account that I am impersonating that has enough permissions to create the resources I have needed so far.
provider "google" {
impersonate_service_account = "[email protected]"
}
However, when I try to the cloud-run-v2 module I get an error saying the account does not have run.services.create permissions.
The service account has roles/run.admin permission which should be enough.
Why is Cloud Run behaving differently with my impersonated service account than other modules?
I have a Terraform project using Google's Cloud Foundation Fabric modules. I have a service account that I am impersonating that has enough permissions to create the resources I have needed so far.
provider "google" {
impersonate_service_account = "[email protected]"
}
However, when I try to the cloud-run-v2 module I get an error saying the account does not have run.services.create permissions.
The service account has roles/run.admin permission which should be enough.
Why is Cloud Run behaving differently with my impersonated service account than other modules?
Share Improve this question asked Mar 14 at 16:44 SoviutSoviut 91.9k53 gold badges209 silver badges283 bronze badges1 Answer
Reset to default 0Cloud Foundation Fabric makes use of two separate google providers; one named google the other named google-beta. Certain modules like cloud-run-v2 and artifact-registry rely on google-beta. Therefore, you must impersonate the service account on both providers at once.
provider "google" {
impersonate_service_account = "[email protected]"
}
provider "google-beta" {
impersonate_service_account = "[email protected]"
}
本文标签:
版权声明:本文标题:How do I impersonate a service account in Terraform to create Cloud Run v2 instances with Google Cloud Foundation Fabric? - Stac 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1744641659a2617159.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论