Commit ef112167 authored by John Skarbek's avatar John Skarbek
Browse files

Creates a service account that we can use for the DR environment

parent 66515f95
......@@ -19,3 +19,17 @@ resource "google_compute_firewall" "allow-dr-postgres" {
"patroni",
]
}
resource "google_service_account" "dr-sa" {
account_id = "disaster-recovery"
}
data "google_iam_policy" "dr-sa-access" {
binding {
role = "roles/storage.objectViewer"
members = [
"serviceAccount:${google_service_account.dr-sa.email}",
]
}
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment