object-localization/terraform/iam.tf (31 lines of code) (raw):

# Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# IAM for the object-localization function: one dedicated service account,
# four project-level role grants for it, and one grant for the Cloud Storage
# service agent. All grants use google_project_iam_member, which adds a single
# member to a role without replacing the role's other members.

# No `project` argument, so this resolves against the provider's default
# project. Not referenced anywhere in this file.
data "google_project" "project" {}

# Dedicated identity that the role grants below are attached to.
# presumably the runtime identity of the function named by local.function_name
# (verify against the function resource, which is not in this file).
resource "google_service_account" "obj_localization_function" {
  account_id   = local.function_name
  display_name = "Object Detection function"
}

# NOTE(review): this grant is project-wide, so the account can edit table data
# in every BigQuery dataset of var.project_id. If the function writes to a
# single dataset, a dataset-level grant (google_bigquery_dataset_iam_member)
# is the narrower option.
resource "google_project_iam_member" "bq_editor" {
  project = var.project_id
  role    = "roles/bigquery.dataEditor"
  member  = "serviceAccount:${google_service_account.obj_localization_function.email}"
}

# NOTE(review): objectViewer and objectCreator below are also granted at
# project level, i.e. read and create on objects in every bucket of the
# project. Bucket-level grants (google_storage_bucket_iam_member) on the
# buckets the function actually uses would be narrower. The pair allows read
# and create only; replacing an existing object needs delete permission,
# which neither role carries.
resource "google_project_iam_member" "gcs_viewer" {
  project = var.project_id
  role    = "roles/storage.objectViewer"
  member  = "serviceAccount:${google_service_account.obj_localization_function.email}"
}

resource "google_project_iam_member" "gcs_creator" {
  project = var.project_id
  role    = "roles/storage.objectCreator"
  member  = "serviceAccount:${google_service_account.obj_localization_function.email}"
}

# Lets the function's service account receive events delivered by Eventarc.
resource "google_project_iam_member" "event_receiver" {
  project = var.project_id
  role    = "roles/eventarc.eventReceiver"
  member  = "serviceAccount:${google_service_account.obj_localization_function.email}"
}

# Google-managed Cloud Storage service agent. With no `project` argument the
# lookup uses the provider's default project.
# NOTE(review): the grant below targets var.project_id; confirm the provider
# project is the same one, otherwise a different project's agent is bound.
data "google_storage_project_service_account" "gcs_account" {}

# Allows the Cloud Storage service agent to publish to Pub/Sub. The grant is
# project-level, so it covers every topic in var.project_id.
resource "google_project_iam_member" "gcs_to_pubsub" {
  project = var.project_id
  role    = "roles/pubsub.publisher"
  member  = "serviceAccount:${data.google_storage_project_service_account.gcs_account.email_address}"
}