Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
# Policy to allow public access to Cloud Run endpoint
data "google_iam_policy" "noauth" {
binding {
role = "roles/run.invoker"
members = ["allUsers"]
# Bind public policy to our Camunda Cloud Run service
resource "google_cloud_run_service_iam_policy" "noauth" {
location = google_cloud_run_service.camunda.location
project = google_cloud_run_service.camunda.project
service =
policy_data = data.google_iam_policy.noauth.policy_data
# Create service account to run service
resource "google_service_account" "camunda" {
account_id = "camunda-worker"
display_name = "Camunda Worker"
# Give the service account access to Cloud SQL
resource "google_project_iam_member" "project" {
role = "roles/cloudsql.client"
member = "serviceAccount:${}"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment