File tree Expand file tree Collapse file tree 1 file changed +11
-3
lines changed Expand file tree Collapse file tree 1 file changed +11
-3
lines changed Original file line number Diff line number Diff line change @@ -32,6 +32,14 @@ resource "google_project_service" "eventarc" {
3232data "google_project" "default" {
3333}
3434
35+ # [START eventarc_terraform_service_agent]
36+ resource "google_project_service_identity" "eventarc_sa" {
37+ provider = - beta
38+ project = . google_project . default . project_id
39+ service = " eventarc.googleapis.com"
40+ }
41+ # [END eventarc_terraform_service_agent]
42+
3543# [START eventarc_terraform_cmek_key]
3644resource "random_id" "default" {
3745 byte_length = 8
@@ -51,14 +59,14 @@ resource "google_kms_crypto_key" "default" {
5159}
5260# [END eventarc_terraform_cmek_key]
5361
54- # [START eventarc_terraform_cmek_service_agent ]
62+ # [START eventarc_terraform_cmek_role ]
5563# Grant service account access to Cloud KMS key
5664resource "google_kms_crypto_key_iam_member" "default" {
5765 crypto_key_id = . default . id
5866 role = " roles/cloudkms.cryptoKeyEncrypterDecrypter"
59- member = " serviceAccount:service- ${ data . google_project . default . number } @gcp-sa-eventarc.iam.gserviceaccount.com "
67+ member = google_project_service_identity . eventarc_sa . member
6068}
61- # [END eventarc_terraform_cmek_service_agent ]
69+ # [END eventarc_terraform_cmek_role ]
6270
6371# [START eventarc_terraform_cmek_google_channel]
6472# Specify a CMEK key for the `GoogleChannelConfig` resource
You can’t perform that action at this time.
0 commit comments