From 543ea6e7f381731a29ca79591fb1faec8bdb6b43 Mon Sep 17 00:00:00 2001 From: ddaluka <108656287+ddaluka@users.noreply.github.com> Date: Mon, 20 Nov 2023 18:41:01 +0530 Subject: [PATCH] Fix/dlpagent (#1868) Create DLP Service Account on service activation. --- blueprints/data-solutions/data-platform-foundations/README.md | 2 +- blueprints/data-solutions/data-platform-minimal/README.md | 2 +- modules/project/README.md | 1 + modules/project/service-agents.yaml | 1 + 4 files changed, 4 insertions(+), 2 deletions(-) diff --git a/blueprints/data-solutions/data-platform-foundations/README.md b/blueprints/data-solutions/data-platform-foundations/README.md index 6cdfdec91..c73b0a31b 100644 --- a/blueprints/data-solutions/data-platform-foundations/README.md +++ b/blueprints/data-solutions/data-platform-foundations/README.md @@ -228,7 +228,7 @@ module "data-platform" { } prefix = "myprefix" } -# tftest modules=43 resources=290 +# tftest modules=43 resources=293 ``` ## Customizations diff --git a/blueprints/data-solutions/data-platform-minimal/README.md b/blueprints/data-solutions/data-platform-minimal/README.md index 5559d9860..a415b00f3 100644 --- a/blueprints/data-solutions/data-platform-minimal/README.md +++ b/blueprints/data-solutions/data-platform-minimal/README.md @@ -229,7 +229,7 @@ module "data-platform" { prefix = "myprefix" } -# tftest modules=23 resources=137 +# tftest modules=23 resources=138 ``` ## Customizations diff --git a/modules/project/README.md b/modules/project/README.md index 9d94d9f2d..13f142af2 100644 --- a/modules/project/README.md +++ b/modules/project/README.md @@ -219,6 +219,7 @@ This table lists all affected services and roles that you need to grant to servi | cloudasset.googleapis.com | cloudasset | roles/cloudasset.serviceAgent | | cloudbuild.googleapis.com | cloudbuild | roles/cloudbuild.builds.builder | | dataplex.googleapis.com | dataplex | roles/dataplex.serviceAgent | +| dlp.googleapis.com | dlp | roles/dlp.serviceAgent | | gkehub.googleapis.com | fleet | roles/gkehub.serviceAgent | | meshconfig.googleapis.com | servicemesh | roles/anthosservicemesh.serviceAgent | | multiclusteringress.googleapis.com | multicluster-ingress | roles/multiclusteringress.serviceAgent | diff --git a/modules/project/service-agents.yaml b/modules/project/service-agents.yaml index eb38dc4cc..348197102 100644 --- a/modules/project/service-agents.yaml +++ b/modules/project/service-agents.yaml @@ -169,6 +169,7 @@ # dlp ="organizations-ORGANIZATION_NUMBER@gcp-sa-riskmanager" - name: "dlp" service_agent: "service-%s@dlp-api.iam.gserviceaccount.com" + jit: true - name: "documentai" service_agent: "service-%s@gcp-sa-prod-dai-core.iam.gserviceaccount.com" - name: "edgecontainer"