Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion gcp/cloud-run-v2/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,8 @@ Key elements description:

## New Variables

- `var.cloud_run_service_account`: The service account to use for the Cloud Run service.
- `var.cloud_run_service_account`: The service account used as the Eventarc trigger invoker, and as the Cloud Run service identity when `use_custom_service_account` is `true`.
- `var.use_custom_service_account`: When `true`, the Cloud Run service runs as `cloud_run_service_account` instead of the default Compute Engine SA. Defaults to `false` to avoid changing existing deployments.
- `var.sharedVpcConnector`: Shared VPC connection string for internal network access.
- `var.environment`: The current environment.
- `var.artifact_repository`: The artifact repository for the service.
Expand Down
3 changes: 2 additions & 1 deletion gcp/cloud-run-v2/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,8 @@ resource "google_cloud_run_v2_service" "default" {
deletion_protection = var.deletion_protection

template {
timeout = var.timeout
timeout = var.timeout
service_account = var.use_custom_service_account ? var.cloud_run_service_account : null
containers {
image = "gcr.io/cloudrun/hello"

Expand Down
6 changes: 6 additions & 0 deletions gcp/cloud-run-v2/variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,12 @@ variable "cloud_run_service_account" {
default = null
}

variable "use_custom_service_account" {
description = "(Optional) When true, the Cloud Run service will run as cloud_run_service_account instead of the default Compute Engine SA."
type = bool
default = false
}

variable "allow_public_access" {
description = "(Optional) Enable/disable public access to the service's original run url."
type = bool
Expand Down
Loading