Skip to content

Commit

Permalink
fix: grant ci permissions
Browse files Browse the repository at this point in the history
  • Loading branch information
@sqin2019
sqin2019 committed Apr 1, 2023
1 parent 9ebd1c1 commit 2eb73f0
Showing 1 changed file with 7 additions and 1 deletion.
8 changes: 7 additions & 1 deletion terraform/ci/variables.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,11 +30,17 @@ variable "ci_iam_roles" {
default = [
# To deploy and invoke cloud run services.
"roles/iam.serviceAccountUser",
"roles/run.developer",
"roles/run.admin",

# To operate KMS.
"roles/cloudkms.admin",
"roles/cloudkms.cryptoOperator",

# To read and edit project service during CI.
"roles/serviceusage.serviceUsageAdmin",

# To set project IAM policies.
"roles/resourcemanager.projectIamAdmin",
]
description = "List of IAM roles needed to run integration tests included in CI/CD."
}

0 comments on commit 2eb73f0

Please sign in to comment.