File tree Expand file tree Collapse file tree 2 files changed +6
-5
lines changed
src/base_template/deployment/terraform Expand file tree Collapse file tree 2 files changed +6
-5
lines changed Original file line number Diff line number Diff line change @@ -49,14 +49,15 @@ variable "app_sa_roles" {
4949 description = " List of roles to assign to the application service account"
5050 type = list (string )
5151 default = [
52- {%- if " adk " in cookiecutter . tags and cookiecutter . session_type == " alloydb" % }
52+ {%- if cookiecutter . session_type == " alloydb" % }
5353 " roles/secretmanager.secretAccessor"
5454{%- endif % }
5555 " roles/aiplatform.user"
5656 " roles/discoveryengine.editor"
5757 " roles/logging.logWriter"
5858 " roles/cloudtrace.agent"
59- " roles/storage.admin"
59+ " roles/storage.admin"
60+ " roles/serviceusage.serviceUsageConsumer"
6061 ]
6162}
6263{% if cookiecutter . data_ingestion % }
Original file line number Diff line number Diff line change @@ -70,15 +70,15 @@ variable "app_sa_roles" {
7070 description = " List of roles to assign to the application service account"
7171 type = list (string )
7272 default = [
73- {%- if cookiecutter . deployment_target == 'cloud_run ' % }
74- " roles/run.invoker"
73+ {%- if cookiecutter . session_type == " alloydb" % }
7574 " roles/secretmanager.secretAccessor"
7675{%- endif % }
7776 " roles/aiplatform.user"
7877 " roles/discoveryengine.editor"
7978 " roles/logging.logWriter"
8079 " roles/cloudtrace.agent"
81- " roles/storage.admin"
80+ " roles/storage.admin"
81+ " roles/serviceusage.serviceUsageConsumer"
8282 ]
8383}
8484{%- if cookiecutter . deployment_target == 'cloud_run ' % }
You can’t perform that action at this time.
0 commit comments