Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[test-org] Create long-living SA which has G-Suite access. #481

Merged
merged 4 commits into from
Nov 28, 2019
Merged

[test-org] Create long-living SA which has G-Suite access. #481

merged 4 commits into from
Nov 28, 2019

Conversation

cray0000
Copy link
Contributor

@cray0000 cray0000 commented Nov 27, 2019
edited by aaron-lane
Loading

Used for project-factory tests of gsuite functionality.
Can later be used in other gsuite-related tests in other modules.

Note for @aaron-lane:

Added an output ci_gsuite_sa_email with the SA email which will need to be used when going through the delegation guide here:
https://developers.google.com/admin-sdk/directory/v1/guides/delegation

The guide has to be followed all the way up to granting SA the domain-wide access to Admin SDK Directory API.

Also we'll use the [email protected] user account to impersonate this newly created SA account (https://github.com/terraform-google-modules/terraform-google-project-factory/blob/master/build/int.cloudbuild.yaml#L24).

Don't really know if any additional linkage has to be setup between [email protected] and the created SA, but the guide says nothing about it, so probably any real user account can be impersonated by the SA.

Related to terraform-google-modules/terraform-google-project-factory#111.

@cray0000
[test-org] Create long-living SA which has G-Suite access. Used for p…
a627cfb 
…roject-factory tests of gsuite functionality and can be used in other gsuite-related tests in other modules.
@aaron-lane aaron-lane added the TF Terraform CFT label Nov 27, 2019
aaron-lane
aaron-lane suggested changes Nov 27, 2019
View reviewed changes
Copy link
Contributor

@aaron-lane aaron-lane left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @cray0000!

infra/terraform/test-org/org/gsuite.tf Outdated Show resolved Hide resolved
infra/terraform/test-org/org/gsuite.tf Outdated Show resolved Hide resolved
infra/terraform/test-org/org/gsuite.tf Outdated Show resolved Hide resolved
infra/terraform/test-org/org/gsuite.tf Outdated Show resolved Hide resolved
infra/terraform/test-org/org/gsuite.tf Outdated Show resolved Hide resolved
@cray0000 cray0000 requested a review from aaron-lane November 28, 2019 13:08
@aaron-lane aaron-lane merged commit 2e07962 into GoogleCloudPlatform:master Nov 28, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aaron-lane aaron-lane aaron-lane approved these changes

@morgante morgante Awaiting requested review from morgante

@ocsig ocsig Awaiting requested review from ocsig

Assignees

@cray0000 cray0000

@aaron-lane aaron-lane

Labels
cla: yes TF Terraform CFT
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@cray0000 @aaron-lane @googlebot