Open steren opened 1 year ago
it is extremely common to make Cloud Run services public, i.e. to allow any identity to invoke the service (give allUsers the IAM invoker role)
allUsers
I suggest adding to the docs this usage example just below Example Usage - Cloudrunv2 Service Basic
provider "google" { project = "my-project" } resource "google_cloud_run_v2_service" "default" { name = "cloudrun-service" location = "us-central1" ingress = "INGRESS_TRAFFIC_ALL" template { containers { image = "us-docker.pkg.dev/cloudrun/container/hello" } } } data "google_iam_policy" "noauth" { binding { role = "roles/run.invoker" members = ["allUsers"] } } resource "google_cloud_run_service_iam_policy" "noauth" { location = google_cloud_run_v2_service.default.location project = google_cloud_run_v2_service.default.project service = google_cloud_run_v2_service.default.name policy_data = data.google_iam_policy.noauth.policy_data }
@rileykarson I agree that this is important to add - and this issue is very old. How can i support moving foward? I'm not allowed to give reviews
it is extremely common to make Cloud Run services public, i.e. to allow any identity to invoke the service (give
allUsers
the IAM invoker role)I suggest adding to the docs this usage example just below Example Usage - Cloudrunv2 Service Basic