This message was deleted Pulumi Community #google-cloud

Join Slack

This message was deleted.

# google-cloud

sparse-intern-71089

11/02/2023, 6:22 PM

This message was deleted.

full-eve-52536

11/02/2023, 6:28 PM

This is what I do in TypeScript:

Copy code

new gcp.cloudrun.IamBinding('idp-api-service-iam-binding', {
  location: gcpConfig.require('region'),
  service: idpApiCloudRunService.name,
  role: 'roles/run.invoker',
  members: ['allUsers'],
});

Adding that binding will ensure the CloudRun service allows unauthenticated user access.

full-eve-52536

11/02/2023, 6:29 PM

I know that's not cloudrun V2, but it seems to work fine even though the service was created with cloudrunv2

colossal-tailor-72573

11/02/2023, 6:29 PM

Yeah -- I'm trying the go version of that now. But that is using the cloudrun package not the cloudrunv2 package

colossal-tailor-72573

11/02/2023, 6:29 PM

giving it a shot right now 🙂

colossal-tailor-72573

11/02/2023, 6:31 PM

That does indeed work! Thanks

🙌 1

glamorous-jelly-86558

11/02/2023, 10:19 PM

We got this to work for cloudrunv2 (TypeScript)

Copy code

// Create an IAM member to allow the service to be publicly accessible.
const apiNestInvoker = new gcp.cloudrunv2.ServiceIamBinding(
  'api-server-invoker',
  {
    role: 'roles/run.invoker',
    members: ['allUsers'],
    name: apiServerService.name,
    location: gcpRegion,
    project: projectNameAndId,
  },
);

colossal-tailor-72573

11/02/2023, 11:20 PM

I tried that before I used the cloudrun package. It doesn't even compile as the args don't have a name property

19 Views

Open in Slack

Previous Next