Add new variable for iam service account name

world-federation-of-advertisers · Jan 25, 2024 · 91cb31a · 91cb31a
1 parent d61b02d
commit 91cb31a
Show file tree

Hide file tree

Showing 5 changed files with 15 additions and 7 deletions.
diff --git a/src/main/k8s/dev/reporting_v2_gke.cue b/src/main/k8s/dev/reporting_v2_gke.cue
@@ -56,15 +56,15 @@ reporting: #Reporting & {
 	_internalApiTarget: certificateHost: "localhost"
 
 	_postgresConfig: {
-		iamUserLocal: "reporting-internal"
+		iamUserLocal: "reporting-v2-internal"
 		database:     "reporting-v2"
 	}
 
 	_verboseGrpcServerLogging: true
 
 	serviceAccounts: {
 		"\(#InternalServerServiceAccount)": #WorkloadIdentityServiceAccount & {
-			_iamServiceAccountName: "reporting-internal"
+			_iamServiceAccountName: "reporting-v2-internal"
 		}
 	}
 

diff --git a/src/main/terraform/gcloud/cmms/reporting.tf b/src/main/terraform/gcloud/cmms/reporting.tf
@@ -41,6 +41,7 @@ module "reporting_default_node_pool" {
 module "reporting" {
   source = "../modules/reporting"
 
-  postgres_instance      = google_sql_database_instance.postgres
-  postgres_database_name = "reporting"
+  iam_service_account_name = "reporting-internal"
+  postgres_instance        = google_sql_database_instance.postgres
+  postgres_database_name   = "reporting"
 }
diff --git a/src/main/terraform/gcloud/cmms/reporting_v2.tf b/src/main/terraform/gcloud/cmms/reporting_v2.tf
@@ -41,6 +41,7 @@ module "reporting_v2_default_node_pool" {
 module "reporting_v2" {
   source = "../modules/reporting"
 
-  postgres_instance      = google_sql_database_instance.postgres
-  postgres_database_name = "reporting-v2"
+  iam_service_account_name = "reporting-v2-internal"
+  postgres_instance        = google_sql_database_instance.postgres
+  postgres_database_name   = "reporting-v2"
 }
diff --git a/src/main/terraform/gcloud/modules/reporting/main.tf b/src/main/terraform/gcloud/modules/reporting/main.tf
@@ -25,7 +25,7 @@ module "reporting_internal" {
   source = "../workload-identity-user"
 
   k8s_service_account_name        = "internal-reporting-server"
-  iam_service_account_name        = "reporting-internal"
+  iam_service_account_name        = var.iam_service_account_name
   iam_service_account_description = "Reporting internal API server."
 }
 

diff --git a/src/main/terraform/gcloud/modules/reporting/variables.tf b/src/main/terraform/gcloud/modules/reporting/variables.tf
@@ -27,3 +27,9 @@ variable "postgres_database_name" {
   nullable = false
 }
 
+variable "iam_service_account_name" {
+  description = "IAM `google_service_account.name`."
+  type = string
+  nullable = false
+}
+