search

terraform-google-modules / terraform-google-sql-db

Creates a Cloud SQL database instance
https://registry.terraform.io/modules/terraform-google-modules/sql-db/google
Apache License 2.0
265 stars 427 forks source link

Add default grant for iam users #601

Closed MDSLKTR closed 5 months ago

MDSLKTR commented 5 months ago

TL;DR

Currently when adding iam users (using "roles/cloudsql.client", "roles/cloudsql.instanceUser" service accounts). They wont have any roles granted on postgres database level. Is there way to achieve a permission grant on postgres level with the creation of the iam user.

iam_users = [{
    id    = module.service-account-dev["cdm-corporate-structure"].name
    email = module.service-account-dev["cdm-corporate-structure"].email
  }]

Terraform Resources

https://github.com/terraform-google-modules/terraform-google-sql-db/tree/master/modules/postgresql

Detailed design

Is there a way to assign specific database grants when the iam user is created?

Additional information

No response