Skip to content

Commit

Permalink
Merge pull request #788 from near/kmaus-near/add-log-writer-role
Browse files Browse the repository at this point in the history 
FIX: add log writer role
  • Loading branch information
@ppca
ppca authored Jul 31, 2024
2 parents dd99c3b + 0066ba5 commit 862de64
Show file tree
Hide file tree
Showing 3 changed files with 5 additions and 4 deletions.
1 change: 1 addition & 0 deletions infra/multichain-mainnet/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,6 +74,7 @@ resource "google_project_iam_member" "sa-roles" {
"roles/secretmanager.admin",
"roles/storage.objectAdmin",
"roles/iam.serviceAccountAdmin",
"roles/logging.logWriter"
])

role = each.key
Expand Down
1 change: 1 addition & 0 deletions infra/partner-mainnet/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,6 +74,7 @@ resource "google_project_iam_member" "sa-roles" {
"roles/secretmanager.admin",
"roles/storage.objectAdmin",
"roles/iam.serviceAccountAdmin",
"roles/logging.logWriter",
])

role = each.key
Expand Down
7 changes: 3 additions & 4 deletions infra/partner-testnet/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,18 +68,17 @@ resource "google_service_account" "service_account" {
display_name = "Multichain ${var.env} Account"
}

resource "google_project_iam_binding" "sa-roles" {
resource "google_project_iam_member" "sa-roles" {
for_each = toset([
"roles/datastore.user",
"roles/secretmanager.admin",
"roles/storage.objectAdmin",
"roles/iam.serviceAccountAdmin",
"roles/logging.logWriter",
])

role = each.key
members = [
"serviceAccount:${google_service_account.service_account.email}"
]
member = "serviceAccount:${google_service_account.service_account.email}"
project = var.project_id
}

Expand Down

0 comments on commit 862de64

Please sign in to comment.