This repository has been archived by the owner on Mar 29, 2023. It is now read-only.

Etiene committed Aug 29, 2019
1 parent 5ca753c commit d3617ee
Showing 1 changed file with 12 additions and 0 deletions.
12 changes: 12 additions & 0 deletions modules/gke-service-account/main.tf
@@ -1,14 +1,26 @@
# ----------------------------------------------------------------------------------------------------------------------
# REQUIRE A SPECIFIC TERRAFORM VERSION OR HIGHER
# This module uses terraform 0.12 syntax and features that are available only
# since version 0.12.6
# ----------------------------------------------------------------------------------------------------------------------
terraform {
required_version = ">= 0.12.6"
}

# ----------------------------------------------------------------------------------------------------------------------
# CREATE SERVICE ACCOUNT
# ----------------------------------------------------------------------------------------------------------------------
resource "google_service_account" "service_account" {
project = var.project
account_id = var.name
display_name = var.description
}

# ----------------------------------------------------------------------------------------------------------------------
# ADD ROLES TO SERVICE ACCOUNT
# Grant the service account the minimum necessary roles and permissions in order to run the GKE cluster
# plus any other roles added through the 'service_account_roles' variable
# ----------------------------------------------------------------------------------------------------------------------
locals {
all_service_account_roles = concat(var.service_account_roles, [
"roles/logging.logWriter",
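
Review bot: The `required_version = ">= 0.12.6"` constraint in the new `terraform` block has no upper bound, while the comment above it says the module is written against Terraform 0.12 syntax. As written, any later major release satisfies the constraint, so a run on a newer Terraform with breaking changes would fail somewhere in the plan instead of at the version check. Consider bounding it, for example `required_version = ">= 0.12.6, < 0.13"`, and widening the range only after the module has been tested on the next release. The comment would also be more useful if it named the 0.12.6 feature the module depends on, so a later maintainer can tell when the floor can be changed.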