Add labels, Bucket Policy Only, Security Admin role #4
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This allows the service account to manage the state after the initial terraform apply.
aaron-lane
force-pushed
the
aaron-lane-labels-bucket-policy
branch
from
6ca228a to
0016a8a
Compare
rjerrems
reviewed
Dec 4, 2019
rjerrems
reviewed
Dec 4, 2019
rjerrems
reviewed
Dec 4, 2019
|
Overall it looks good, although I would like to clarify the permissions to ensure that they are required so we can maintain the least permissions required to run CFT. |
This reverts commit 4540293.
We're using Google 2.12.0 to avoid an IAM bug which recently started affecting Terraform deployments.
|
Looking good from my perspective now @aaron-lane , just need @morgante to review / approve or if you can provide me access I am happy to do it. |
|
@rjerrems If you "approve" the PR you should be able to merge. |
rjerrems
approved these changes
Dec 16, 2019
|
Thanks @morgante - I have approved, but looks like I don't have permissions to merge the PR. I have a |
|
@rjerrems Looks like we never added you to the org, just invited you. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This branch adds inputs for labels, changes the buckets to enforce Bucket Policy Only access, and adds Security Admin to the Terraform service account so that it can manage the created state.
@rjerrems FYI