-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathmain.tf
50 lines (44 loc) · 1.39 KB
/
main.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
// Settings for the google cloud account
// Write the path to the json key giving access to the project
provider "google" {
credentials = file("<google-service-account-key-here>")
project = "pelagic-campus-276207"
region = "europe-north1"
zone = "europe-north1-a"
}
// Ressource 1: cloud run service running the docker image
// Write the path to the docker image hosted in the google container registry
// To set up this resource with Terraform, the service account key used
// must have the appropriate permissions.
resource "google_cloud_run_service" "default" {
name = "demo"
location = "europe-north1"
template {
spec {
containers {
image = "gcr.io/<project-id>/<image-name>:latest"
}
}
}
traffic {
percent = 100
latest_revision = true
}
}
// Ressource 2: gives to non authenticated users access to the web page
// To set up this resource with Terraform, the service account key used
// must have the appropriate permissions.
data "google_iam_policy" "noauth" {
binding {
role = "roles/run.invoker"
members = [
"allUsers",
]
}
}
resource "google_cloud_run_service_iam_policy" "noauth" {
location = google_cloud_run_service.default.location
project = google_cloud_run_service.default.project
service = google_cloud_run_service.default.name
policy_data = data.google_iam_policy.noauth.policy_data
}