data cloud run

JamesWoolfenden · Nov 21, 2023 · 630d135 · 630d135
1 parent 3ca19cb
commit 630d135
Show file tree

Hide file tree

Showing 19 changed files with 190 additions and 27 deletions.
diff --git a/src/coverage/google.md b/src/coverage/google.md
@@ -745,13 +745,6 @@ Datasource percentage coverage 32.13
 ./resource.ps1 google_cloud_identity_group_lookup -type data
 ./resource.ps1 google_cloud_identity_group_memberships -type data
 ./resource.ps1 google_cloud_identity_groups -type data
-./resource.ps1 google_cloud_run_locations -type data
-./resource.ps1 google_cloud_run_service -type data
-./resource.ps1 google_cloud_run_service_iam_policy -type data
-./resource.ps1 google_cloud_run_v2_job -type data
-./resource.ps1 google_cloud_run_v2_job_iam_policy -type data
-./resource.ps1 google_cloud_run_v2_service -type data
-./resource.ps1 google_cloud_run_v2_service_iam_policy -type data
 ./resource.ps1 google_cloud_tasks_queue_iam_policy -type data
 ./resource.ps1 google_cloudbuild_trigger -type data
 ./resource.ps1 google_cloudbuildv2_connection_iam_policy -type data

diff --git a/src/files_gcp_datasource.go b/src/files_gcp_datasource.go
@@ -186,3 +186,24 @@ var dataGoogleBeyondcorpAppConnector []byte
 
 //go:embed mapping/google/data/beyondcorp/google_beyondcorp_app_gateway.json
 var dataGoogleBeyondcorpAppGateway []byte
+
+//go:embed mapping/google/data/run/google_cloud_run_locations.json
+var dataGoogleCloudRunLocations []byte
+
+//go:embed mapping/google/data/run/google_cloud_run_service.json
+var dataGoogleCloudRunService []byte
+
+//go:embed mapping/google/data/run/google_cloud_run_service_iam_policy.json
+var dataGoogleCloudRunServiceIamPolicy []byte
+
+//go:embed mapping/google/data/run/google_cloud_run_v2_job.json
+var dataGoogleCloudRunV2Job []byte
+
+//go:embed mapping/google/data/run/google_cloud_run_v2_job_iam_policy.json
+var dataGoogleCloudRunV2JobIamPolicy []byte
+
+//go:embed mapping/google/data/run/google_cloud_run_v2_service.json
+var dataGoogleCloudRunV2Service []byte
+
+//go:embed mapping/google/data/run/google_cloud_run_v2_service_iam_policy.json
+var dataGoogleCloudRunV2ServiceIamPolicy []byte
diff --git a/src/gcp_datasource.go b/src/gcp_datasource.go
@@ -104,6 +104,13 @@ func GCPDataLookup(result string) interface{} {
 		"google_beyondcorp_app_connection":                       dataGoogleBeyondcorpAppConnection,
 		"google_beyondcorp_app_connector":                        dataGoogleBeyondcorpAppConnector,
 		"google_beyondcorp_app_gateway":                          dataGoogleBeyondcorpAppGateway,
+		"google_cloud_run_locations":                             dataGoogleCloudRunLocations,
+		"google_cloud_run_service":                               dataGoogleCloudRunService,
+		"google_cloud_run_service_iam_policy":                    dataGoogleCloudRunServiceIamPolicy,
+		"google_cloud_run_v2_job":                                dataGoogleCloudRunV2Job,
+		"google_cloud_run_v2_job_iam_policy":                     dataGoogleCloudRunV2JobIamPolicy,
+		"google_cloud_run_v2_service":                            dataGoogleCloudRunV2Service,
+		"google_cloud_run_v2_service_iam_policy":                 dataGoogleCloudRunV2ServiceIamPolicy,
 	}
 	return TFLookup[result]
 }
diff --git a/src/mapping/google/data/run/google_cloud_run_locations.json b/src/mapping/google/data/run/google_cloud_run_locations.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "run.locations.list"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/run/google_cloud_run_service.json b/src/mapping/google/data/run/google_cloud_run_service.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "run.services.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/run/google_cloud_run_service_iam_policy.json b/src/mapping/google/data/run/google_cloud_run_service_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "run.services.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/run/google_cloud_run_v2_job.json b/src/mapping/google/data/run/google_cloud_run_v2_job.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "run.jobs.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/run/google_cloud_run_v2_job_iam_policy.json b/src/mapping/google/data/run/google_cloud_run_v2_job_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "run.services.getIamPolicy"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/run/google_cloud_run_v2_service.json b/src/mapping/google/data/run/google_cloud_run_v2_service.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "run.services.get"
+    ]
+  }
+]
diff --git a/src/mapping/google/data/run/google_cloud_run_v2_service_iam_policy.json b/src/mapping/google/data/run/google_cloud_run_v2_service_iam_policy.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "run.services.getIamPolicy"
+    ]
+  }
+]
diff --git a/terraform/google/backup/data.google_cloud_run_locations.tf b/terraform/google/backup/data.google_cloud_run_locations.tf
@@ -0,0 +1,5 @@
+data "google_cloud_run_locations" "pike" {}
+
+output "locations" {
+  value = data.google_cloud_run_locations.pike
+}
diff --git a/terraform/google/backup/data.google_cloud_run_service.tf b/terraform/google/backup/data.google_cloud_run_service.tf
@@ -0,0 +1,8 @@
+data "google_cloud_run_service" "pike" {
+  location = "europe-west2"
+  name     = "pike"
+}
+
+output "service" {
+  value = data.google_cloud_run_service.pike
+}
diff --git a/terraform/google/backup/data.google_cloud_run_service_iam_policy.tf b/terraform/google/backup/data.google_cloud_run_service_iam_policy.tf
@@ -0,0 +1,7 @@
+data "google_cloud_run_service_iam_policy" "pike" {
+  service = "pike"
+}
+
+output "policy" {
+  value = data.google_cloud_run_service_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_cloud_run_v2_job.tf b/terraform/google/backup/data.google_cloud_run_v2_job.tf
@@ -0,0 +1,10 @@
+data "google_cloud_run_v2_job" "pike" {
+  provider = google-beta
+  name     = "pike"
+  project  = "pike-gcp"
+  location = "europe-west2"
+}
+
+output "job" {
+  value = data.google_cloud_run_v2_job.pike
+}
diff --git a/terraform/google/backup/data.google_cloud_run_v2_job_iam_policy.tf b/terraform/google/backup/data.google_cloud_run_v2_job_iam_policy.tf
@@ -0,0 +1,7 @@
+data "google_cloud_run_v2_job_iam_policy" "pike" {
+  name = "pike"
+}
+
+output "policy2" {
+  value = data.google_cloud_run_v2_job_iam_policy.pike
+}
diff --git a/terraform/google/backup/data.google_cloud_run_v2_service.tf b/terraform/google/backup/data.google_cloud_run_v2_service.tf
@@ -0,0 +1,10 @@
+data "google_cloud_run_v2_service" "pike" {
+  provider = google-beta
+  name     = "pike"
+  project  = "pike-gcp"
+  location = "europe-west2"
+}
+
+output "service2" {
+  value = data.google_cloud_run_v2_service.pike
+}
diff --git a/terraform/google/backup/data.google_cloud_run_v2_service_iam_policy.tf b/terraform/google/backup/data.google_cloud_run_v2_service_iam_policy.tf
@@ -0,0 +1,7 @@
+data "google_cloud_run_v2_service_iam_policy" "pike" {
+  name = "pike"
+}
+
+output "policy3" {
+  value = data.google_cloud_run_v2_service_iam_policy.pike
+}
diff --git a/terraform/google/provider.google.tf b/terraform/google/provider.google.tf
@@ -4,3 +4,10 @@ provider "google" {
   //credentials = "C:/Users/jim_w/examplea-pike.json"
   credentials = "/Users/jwoolfenden/pike-service.json"
 }
+
+provider "google-beta" {
+  project = "pike-gcp"
+  region  = "europe-west2"
+  //credentials = "C:/Users/jim_w/examplea-pike.json"
+  credentials = "/Users/jwoolfenden/pike-service.json"
+}
diff --git a/terraform/google/role/google_project_iam_custom_role.tf b/terraform/google/role/google_project_iam_custom_role.tf
@@ -4,25 +4,15 @@ resource "google_project_iam_custom_role" "pike" {
   title       = "pike terraform user"
   description = "A user with least privileges"
   permissions = [
-    //google_storage_bucket_access_control, google_storage_default_object_access_control,google_storage_default_object_acl
-    "storage.buckets.get",
-    "storage.buckets.update",
-    //google_storage_object_access_control
-    "storage.objects.update",
-    //google_storage_bucket_iam_member
-    "storage.buckets.getIamPolicy",
-    //google_storage_bucket_iam_policy
-    "storage.buckets.setIamPolicy",
-    //google_storage_object_access_control
-    "storage.objects.get",
-    "storage.objects.getIamPolicy",
-    "storage.objects.setIamPolicy",
-    //google_storage_insights_report_config
-    "storageinsights.reportConfigs.create",
-    //google_storage_hmac_key
-    "storage.hmacKeys.create",
-    "storage.hmacKeys.get",
-    "storage.hmacKeys.update",
-    "storage.hmacKeys.delete"
+    //google_cloud_run_v2_service_iam_policy, google_cloud_run_v2_job_iam_policy, google_cloud_run_service_iam_policy
+    "run.services.getIamPolicy",
+    //google_cloud_run_service
+    "run.services.get",
+    //google_cloud_run_locations
+    "run.locations.list",
+    //google_cloud_run_v2_job
+    "run.jobs.get",
+    //google_cloud_run_v2_job_iam_policy
+    "run.jobs.getIamPolicy"
   ]
 }