From 68151b6d186988c81f7f8fbc0a3141629051470c Mon Sep 17 00:00:00 2001 From: damriera Date: Thu, 4 Dec 2025 09:36:49 +0000 Subject: [PATCH] AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA --- .../dev/.terraform/modules/modules.json | 2 +- terraform/environments/dev/main.tf | 6 + terraform/environments/dev/terraform.tfstate | 148 +++++++++++++++++- .../environments/dev/terraform.tfstate.backup | 47 +++--- terraform/modules/iam/main.tf | 31 ++++ terraform/modules/iam/outputs.tf | 9 ++ terraform/modules/iam/variables.tf | 5 + 7 files changed, 224 insertions(+), 24 deletions(-) diff --git a/terraform/environments/dev/.terraform/modules/modules.json b/terraform/environments/dev/.terraform/modules/modules.json index 27ce02f..2bf5e6f 100644 --- a/terraform/environments/dev/.terraform/modules/modules.json +++ b/terraform/environments/dev/.terraform/modules/modules.json @@ -1 +1 @@ -{"Modules":[{"Key":"","Source":"","Dir":"."},{"Key":"compute","Source":"../../modules/compute","Dir":"../../modules/compute"},{"Key":"network","Source":"../../modules/network","Dir":"../../modules/network"}]} \ No newline at end of file +{"Modules":[{"Key":"","Source":"","Dir":"."},{"Key":"compute","Source":"../../modules/compute","Dir":"../../modules/compute"},{"Key":"iam","Source":"../../modules/iam","Dir":"../../modules/iam"},{"Key":"network","Source":"../../modules/network","Dir":"../../modules/network"}]} \ No newline at end of file diff --git a/terraform/environments/dev/main.tf b/terraform/environments/dev/main.tf index efb9977..cddfdd7 100644 --- a/terraform/environments/dev/main.tf +++ b/terraform/environments/dev/main.tf @@ -31,3 +31,9 @@ module "compute" { backend_subnet_id = module.network.subnet_ids.backend database_subnet_id = module.network.subnet_ids.database } + +module "iam" { + source = "../../modules/iam" + project_id = var.project_id +} + diff --git a/terraform/environments/dev/terraform.tfstate b/terraform/environments/dev/terraform.tfstate index 94f0864..a99e43b 100644 --- a/terraform/environments/dev/terraform.tfstate +++ b/terraform/environments/dev/terraform.tfstate @@ -1,7 +1,7 @@ { "version": 4, "terraform_version": "1.14.1", - "serial": 16, + "serial": 24, "lineage": "68d76a72-f70d-5e6d-87bb-d6ad17acf000", "outputs": {}, "resources": [ @@ -473,6 +473,152 @@ } ] }, + { + "module": "module.iam", + "mode": "managed", + "type": "google_project_iam_member", + "name": "compute_admin", + "provider": "provider[\"registry.terraform.io/hashicorp/google\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "condition": [], + "etag": "BwZFHNUmS9o=", + "id": "iutsf-478713/roles/compute.admin/serviceAccount:terraform@iutsf-478713.iam.gserviceaccount.com", + "member": "serviceAccount:terraform@iutsf-478713.iam.gserviceaccount.com", + "project": "iutsf-478713", + "role": "roles/compute.admin" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.iam.google_service_account.terraform" + ] + } + ] + }, + { + "module": "module.iam", + "mode": "managed", + "type": "google_project_iam_member", + "name": "editor", + "provider": "provider[\"registry.terraform.io/hashicorp/google\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "condition": [], + "etag": "BwZFHNUmS9o=", + "id": "iutsf-478713/roles/editor/serviceAccount:terraform@iutsf-478713.iam.gserviceaccount.com", + "member": "serviceAccount:terraform@iutsf-478713.iam.gserviceaccount.com", + "project": "iutsf-478713", + "role": "roles/editor" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.iam.google_service_account.terraform" + ] + } + ] + }, + { + "module": "module.iam", + "mode": "managed", + "type": "google_project_iam_member", + "name": "network_admin", + "provider": "provider[\"registry.terraform.io/hashicorp/google\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "condition": [], + "etag": "BwZFHNUmS9o=", + "id": "iutsf-478713/roles/compute.networkAdmin/serviceAccount:terraform@iutsf-478713.iam.gserviceaccount.com", + "member": "serviceAccount:terraform@iutsf-478713.iam.gserviceaccount.com", + "project": "iutsf-478713", + "role": "roles/compute.networkAdmin" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.iam.google_service_account.terraform" + ] + } + ] + }, + { + "module": "module.iam", + "mode": "managed", + "type": "google_service_account", + "name": "terraform", + "provider": "provider[\"registry.terraform.io/hashicorp/google\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "account_id": "terraform", + "create_ignore_already_exists": null, + "description": "", + "disabled": false, + "display_name": "Terraform Service Account", + "email": "terraform@iutsf-478713.iam.gserviceaccount.com", + "id": "projects/iutsf-478713/serviceAccounts/terraform@iutsf-478713.iam.gserviceaccount.com", + "member": "serviceAccount:terraform@iutsf-478713.iam.gserviceaccount.com", + "name": "projects/iutsf-478713/serviceAccounts/terraform@iutsf-478713.iam.gserviceaccount.com", + "project": "iutsf-478713", + "timeouts": null, + "unique_id": "108746033464743928037" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9fQ==" + } + ] + }, + { + "module": "module.iam", + "mode": "managed", + "type": "google_service_account_key", + "name": "terraform_key", + "provider": "provider[\"registry.terraform.io/hashicorp/google\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "projects/iutsf-478713/serviceAccounts/terraform@iutsf-478713.iam.gserviceaccount.com/keys/b16f9c32834211c49918d9c27441e205bcf1de9d", + "keepers": null, + "key_algorithm": "KEY_ALG_RSA_2048", + "name": "projects/iutsf-478713/serviceAccounts/terraform@iutsf-478713.iam.gserviceaccount.com/keys/b16f9c32834211c49918d9c27441e205bcf1de9d", + "private_key": "ewogICJ0eXBlIjogInNlcnZpY2VfYWNjb3VudCIsCiAgInByb2plY3RfaWQiOiAiaXV0c2YtNDc4NzEzIiwKICAicHJpdmF0ZV9rZXlfaWQiOiAiYjE2ZjljMzI4MzQyMTFjNDk5MThkOWMyNzQ0MWUyMDViY2YxZGU5ZCIsCiAgInByaXZhdGVfa2V5IjogIi0tLS0tQkVHSU4gUFJJVkFURSBLRVktLS0tLVxuTUlJRXZBSUJBREFOQmdrcWhraUc5dzBCQVFFRkFBU0NCS1l3Z2dTaUFnRUFBb0lCQVFDYTc0MkNqUkRYK2RqSFxuOUpkK0RXb2NXTmZ3RDZ5TzcyZnRMcXZXbGsvRFlEZC9jZlFCRWJPWkVtQVNaNGtvcno2YVdsZ3gwOWFYdkRIa1xuaU4wR2d0Y2dHL1dUMEI4VXUyVlJneWpHYVA0bEhzNVk1WU1DRzFMVUJwcHBIVjRTZGJBRzhWdmZacjFocUFvMlxuSUNsNnBpUkpPaXhFQ24yL2VYUnlEWkw1YmwyTG1uUHQ2b0dtUHl1a0xzcmU2NXBBVXlPUmkySTVaWDZWZjVVU1xuRVBSbFpYODh5Rk1DTktVc1JZNTF4dXdvWXh4KzBFOXBGL3VWK0ZhRjVNUVJYSDVSb00vL05IV3dZMUFjby93V1xuZFdaUy9IL2Vvak9sbDlNQWlUNjArZ2s1bUtCV2JxY01wMHdta0Z6ZFdrcFh0ZXFNd3FHcytWNkwxVnB3YVI0eFxuUXI5TWVVTUJBZ01CQUFFQ2dnRUFGbmF4RDhLZ05KQTNEQmE4ZUR3OXJFcDlWSU1SUTlBV1ExOUc3dC93UktXSVxucG1QQk92NTBDYmVPVWx6TW1DZUFiaVMzTU5KRUJNLzJjK29jRWJ1YXNUOGNoZ2ZnMmNLcDEvMnFSY29uUHY2T1xuY0hrbVc0SFdxb01pbENiNzRyVkpobGdzTitIUGgzOHpxOUZSOGtSd2NtV0swWHFyN0wwUlV4QUF4VVZwTHJwR1xuVi9vVitpU3dSMDM3NmlNS1FTazNOanBKQnhlYzU2Nnc1NWVPMTR0THc0QnVYNDVTbGZzeDFDM3lGd0NJNFVZNFxubGlKZElnVysxMkg3RGVDdlF6OGxDWURjdmFROWNGNzZpWW45T3ZUSmZMSUdXaUM3VThwNGptalN0ZW1wSHJZR1xuQVV3NWZ4U2RrV1RadllIMFBxamdTd0VjOGYxUXlCQkdnYkJGNlBFZG9RS0JnUUROL2Q2MTdQeGNoZldyaDROblxuNlpqRitpY1ZDWHR0SHE5WWlQamdWWFp2UC80bUFQblA1OVV1UEdacFJmcVF2Y0ZlNXJZa09HS0szZWFLTlFrL1xuQmlKUFRNcHA5bFFKTUdvOVVGYmFlMTB6TUhzVmtKVEdZWHlJMG9RWXNiRHdBT1g1UmVNazYrV1JoQmFiM2UzWFxuUkpzRE5lR0xaTmN0Q3AwMWk0dGNDWFJ2cFFLQmdRREFqSjZoR0lKRnR6RG1PTWFKTVlKRFQ2L0NJWUtjdDhENFxudmhwVWJGY1RkK2gyTGNYTFpnT2s4VHV6bjVOK2dRUGxxMDdYRmZOUVZ6TWdzMjlLTG1MYVYyaHNOK2VreFdzVFxuOHhrSGlIZVRWZG5mMTdlZ2tpMU04eTVuK0hVYTJnQ2FuTHNpSVFRQi9IZEZjb1A1TDQzQm1iUER4QTVTVXhJTVxuc2tBTC9lbW5MUUtCZ0VxL05XSmtoVXA1bmFUSmZxaGxQbmVRaHovOStkaWx5dERnbXhha1RGNmdKUFBiWk1ySlxuZ0RUUDNBV1ZUQS9ibTJCNWJWeUZUVlRBb3BoQ0dJSFRFdjRkaWxHYS9mRjdyUUZrdHE5L0ZsbXQzT3Y5VTg4TVxucnVqakl1WG5ES0o2WVBqc0lEbFVsREFTY3pYSitUVWxBdTdPVFhLTWUvd3ZIczdBUFNoL2tjMjFBb0dBWC9ZMVxuSUtoc1ZINW1HbmIxUzI2bk14REYwWVNONmJrU3JXVmhEZTRvdjRVbEQ3RGtRT2lJckcybGlYSGdPazNtT1ZKVlxuS3BEQUFLeFV5TmxrZjUzNm1rS3h3aTFpZnhYOHRhYVVOTkxvZFQ5MkpEOElQemhhNTF6VEpmSUh1dWduSU9jM1xueEZ5YitMbHdYK1lncTlIdFhpMVNFQ0RuMmxPWVRVZVE3K2tOeDhrQ2dZQTJYUkV3R2UxNFFiMWtERnZjVkQ3clxuc0NxMXAzSXFUUkU5Q3hiYUh0YWM0YytRRTRzakwvcWhUci9EaWI4REFaOHJtM1JDRStuQUFmeUY2bEsya1BqS1xuYjlJZ3d2VFF5QjJTN0xmL3J3K2hHaXNkSzVhbmdaOURzeU1PL0xnQ2RLT01BMDRTSE9GaXpveXprakVMR1R6cFxuYnBsVXVVYXE0aFNPNW9HMzd3ZnBOUT09XG4tLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tXG4iLAogICJjbGllbnRfZW1haWwiOiAidGVycmFmb3JtQGl1dHNmLTQ3ODcxMy5pYW0uZ3NlcnZpY2VhY2NvdW50LmNvbSIsCiAgImNsaWVudF9pZCI6ICIxMDg3NDYwMzM0NjQ3NDM5MjgwMzciLAogICJhdXRoX3VyaSI6ICJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb20vby9vYXV0aDIvYXV0aCIsCiAgInRva2VuX3VyaSI6ICJodHRwczovL29hdXRoMi5nb29nbGVhcGlzLmNvbS90b2tlbiIsCiAgImF1dGhfcHJvdmlkZXJfeDUwOV9jZXJ0X3VybCI6ICJodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbS9vYXV0aDIvdjEvY2VydHMiLAogICJjbGllbnRfeDUwOV9jZXJ0X3VybCI6ICJodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbS9yb2JvdC92MS9tZXRhZGF0YS94NTA5L3RlcnJhZm9ybSU0MGl1dHNmLTQ3ODcxMy5pYW0uZ3NlcnZpY2VhY2NvdW50LmNvbSIsCiAgInVuaXZlcnNlX2RvbWFpbiI6ICJnb29nbGVhcGlzLmNvbSIKfQo=", + "private_key_type": "TYPE_GOOGLE_CREDENTIALS_FILE", + "public_key": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUMvRENDQWVTZ0F3SUJBZ0lJSEVMU0p0V3ZDV1l3RFFZSktvWklodmNOQVFFRkJRQXdJREVlTUJ3R0ExVUUKQXd3Vk1UQTROelEyTURNek5EWTBOelF6T1RJNE1ETTNNQ0FYRFRJMU1USXdOREE1TVRrMU0xb1lEems1T1RreApNak14TWpNMU9UVTVXakFnTVI0d0hBWURWUVFEREJVeE1EZzNORFl3TXpNME5qUTNORE01TWpnd016Y3dnZ0VpCk1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRQ2E3NDJDalJEWCtkakg5SmQrRFdvY1dOZncKRDZ5TzcyZnRMcXZXbGsvRFlEZC9jZlFCRWJPWkVtQVNaNGtvcno2YVdsZ3gwOWFYdkRIa2lOMEdndGNnRy9XVAowQjhVdTJWUmd5akdhUDRsSHM1WTVZTUNHMUxVQnBwcEhWNFNkYkFHOFZ2ZlpyMWhxQW8ySUNsNnBpUkpPaXhFCkNuMi9lWFJ5RFpMNWJsMkxtblB0Nm9HbVB5dWtMc3JlNjVwQVV5T1JpMkk1Wlg2VmY1VVNFUFJsWlg4OHlGTUMKTktVc1JZNTF4dXdvWXh4KzBFOXBGL3VWK0ZhRjVNUVJYSDVSb00vL05IV3dZMUFjby93V2RXWlMvSC9lb2pPbApsOU1BaVQ2MCtnazVtS0JXYnFjTXAwd21rRnpkV2twWHRlcU13cUdzK1Y2TDFWcHdhUjR4UXI5TWVVTUJBZ01CCkFBR2pPREEyTUF3R0ExVWRFd0VCL3dRQ01BQXdEZ1lEVlIwUEFRSC9CQVFEQWdlQU1CWUdBMVVkSlFFQi93UU0KTUFvR0NDc0dBUVVGQndNQ01BMEdDU3FHU0liM0RRRUJCUVVBQTRJQkFRQ0VBR21nMVppbHFVcCthbXRTTStlbApGK1JtRjVvc05lbkRsZUJhSDlhOFNIeURpMjVPeEtnaWIvTXhaMTYyRXplVTIyZEVheDBuTlNWVUpEOWhBRDVYCkgrSGloTzZqemhjNHIzSlNtRmVLQ0J6aE95ck1EazMxN2ZkM2JoUXNXQ0hBa3RmMGZYekw4dTZLcDNUU3BaMEYKWnRHOGw0bGs0UFk5MWE3cEhnSVJhdXFvdDNJZkxMTk5aMVppcFZjYitaWW5QMW1TY3B6ZzBLWGQwakJ5bFVkNgpOT0FFZW84SllsTkswV3NlZG5KaDZVY2JURWJkdGtQNTJIcmNHMDZkSDZJZGZCS1dkQ0E0S2hhL2hWTk44VE9xCldab1RqMllkUEhEbXFYUVNWWmxnY2c4ZTB6bThOMnhoNUFESXpQSGYyYmFCOTl2WEZiTFZRRTlrY3dJdUtQcUwKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=", + "public_key_data": null, + "public_key_type": "TYPE_X509_PEM_FILE", + "service_account_id": "projects/iutsf-478713/serviceAccounts/terraform@iutsf-478713.iam.gserviceaccount.com", + "valid_after": "2025-12-04T09:19:53Z", + "valid_before": "9999-12-31T23:59:59Z" + }, + "sensitive_attributes": [ + [ + { + "type": "get_attr", + "value": "private_key" + } + ] + ], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.iam.google_service_account.terraform" + ] + } + ] + }, { "module": "module.network", "mode": "managed", diff --git a/terraform/environments/dev/terraform.tfstate.backup b/terraform/environments/dev/terraform.tfstate.backup index ad47563..990b57b 100644 --- a/terraform/environments/dev/terraform.tfstate.backup +++ b/terraform/environments/dev/terraform.tfstate.backup @@ -1,7 +1,7 @@ { "version": 4, "terraform_version": "1.14.1", - "serial": 14, + "serial": 17, "lineage": "68d76a72-f70d-5e6d-87bb-d6ad17acf000", "outputs": {}, "resources": [ @@ -31,7 +31,7 @@ "labels": {}, "provisioned_iops": 0, "provisioned_throughput": 0, - "resource_manager_tags": null, + "resource_manager_tags": {}, "resource_policies": [], "size": 10, "storage_pool": "", @@ -62,7 +62,7 @@ "instance_id": "6004704392758752624", "key_revocation_action_type": "", "label_fingerprint": "vezUS-42LLM=", - "labels": null, + "labels": {}, "machine_type": "e2-small", "metadata": { "enable-oslogin": "TRUE" @@ -93,7 +93,7 @@ "params": [], "project": "iutsf-478713", "reservation_affinity": [], - "resource_policies": null, + "resource_policies": [], "scheduling": [ { "automatic_restart": true, @@ -185,7 +185,7 @@ "labels": {}, "provisioned_iops": 0, "provisioned_throughput": 0, - "resource_manager_tags": null, + "resource_manager_tags": {}, "resource_policies": [], "size": 20, "storage_pool": "", @@ -216,7 +216,7 @@ "instance_id": "6512542133291644272", "key_revocation_action_type": "", "label_fingerprint": "vezUS-42LLM=", - "labels": null, + "labels": {}, "machine_type": "e2-small", "metadata": { "enable-oslogin": "TRUE" @@ -247,7 +247,7 @@ "params": [], "project": "iutsf-478713", "reservation_affinity": [], - "resource_policies": null, + "resource_policies": [], "scheduling": [ { "automatic_restart": true, @@ -339,7 +339,7 @@ "labels": {}, "provisioned_iops": 0, "provisioned_throughput": 0, - "resource_manager_tags": null, + "resource_manager_tags": {}, "resource_policies": [], "size": 10, "storage_pool": "", @@ -370,7 +370,7 @@ "instance_id": "2127744316395550064", "key_revocation_action_type": "", "label_fingerprint": "vezUS-42LLM=", - "labels": null, + "labels": {}, "machine_type": "e2-small", "metadata": { "enable-oslogin": "TRUE" @@ -407,7 +407,7 @@ "params": [], "project": "iutsf-478713", "reservation_affinity": [], - "resource_policies": null, + "resource_policies": [], "scheduling": [ { "automatic_restart": true, @@ -505,12 +505,12 @@ "priority": 1000, "project": "iutsf-478713", "self_link": "https://www.googleapis.com/compute/v1/projects/iutsf-478713/global/firewalls/iutsf-fw-backend-database-3306", - "source_ranges": null, - "source_service_accounts": null, + "source_ranges": [], + "source_service_accounts": [], "source_tags": [ "backend" ], - "target_service_accounts": null, + "target_service_accounts": [], "target_tags": [ "database" ], @@ -561,9 +561,9 @@ "source_ranges": [ "0.0.0.0/0" ], - "source_service_accounts": null, - "source_tags": null, - "target_service_accounts": null, + "source_service_accounts": [], + "source_tags": [], + "target_service_accounts": [], "target_tags": [ "frontend" ], @@ -610,12 +610,12 @@ "priority": 1000, "project": "iutsf-478713", "self_link": "https://www.googleapis.com/compute/v1/projects/iutsf-478713/global/firewalls/iutsf-fw-frontend-backend-8000", - "source_ranges": null, - "source_service_accounts": null, + "source_ranges": [], + "source_service_accounts": [], "source_tags": [ "frontend" ], - "target_service_accounts": null, + "target_service_accounts": [], "target_tags": [ "backend" ], @@ -658,12 +658,12 @@ "id": "projects/iutsf-478713/global/firewalls/iutsf-478713-fw-ssh-all", "log_config": [], "name": "iutsf-478713-fw-ssh-all", - "network": "https://www.googleapis.com/compute/v1/projects/iutsf-478713/global/networks/iutsf-478713-vpc", + "network": "https://www.googleapis.com/compute/v1/projects/iutsf-478713/global/networks/iutsf-vpc", "priority": 1000, "project": "iutsf-478713", "self_link": "https://www.googleapis.com/compute/v1/projects/iutsf-478713/global/firewalls/iutsf-478713-fw-ssh-all", "source_ranges": [ - "34.78.156.163/32" + "35.195.166.234/32" ], "source_service_accounts": [], "source_tags": [], @@ -673,7 +673,10 @@ }, "sensitive_attributes": [], "identity_schema_version": 0, - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9" + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", + "dependencies": [ + "module.network.google_compute_network.vpc" + ] } ] }, diff --git a/terraform/modules/iam/main.tf b/terraform/modules/iam/main.tf index e69de29..5033ea7 100644 --- a/terraform/modules/iam/main.tf +++ b/terraform/modules/iam/main.tf @@ -0,0 +1,31 @@ +# Compte de service Terraform +resource "google_service_account" "terraform" { + account_id = "terraform" + display_name = "Terraform Service Account" + project = var.project_id +} + +# Clé du compte de service +resource "google_service_account_key" "terraform_key" { + service_account_id = google_service_account.terraform.name +} + +# IAM Roles +resource "google_project_iam_member" "compute_admin" { + project = var.project_id + role = "roles/compute.admin" + member = "serviceAccount:${google_service_account.terraform.email}" +} + +resource "google_project_iam_member" "network_admin" { + project = var.project_id + role = "roles/compute.networkAdmin" + member = "serviceAccount:${google_service_account.terraform.email}" +} + +resource "google_project_iam_member" "editor" { + project = var.project_id + role = "roles/editor" + member = "serviceAccount:${google_service_account.terraform.email}" +} + diff --git a/terraform/modules/iam/outputs.tf b/terraform/modules/iam/outputs.tf index e69de29..3ae0f76 100644 --- a/terraform/modules/iam/outputs.tf +++ b/terraform/modules/iam/outputs.tf @@ -0,0 +1,9 @@ +output "service_account_email" { + value = google_service_account.terraform.email +} + +output "service_account_key" { + value = google_service_account_key.terraform_key.private_key + sensitive = true +} + diff --git a/terraform/modules/iam/variables.tf b/terraform/modules/iam/variables.tf index e69de29..2479e97 100644 --- a/terraform/modules/iam/variables.tf +++ b/terraform/modules/iam/variables.tf @@ -0,0 +1,5 @@ +variable "project_id" { + description = "ID du projet GCP" + type = string +} +