From b4c32aa489b5f33d4c994202ff67301dbba47832 Mon Sep 17 00:00:00 2001 From: Thomas Rodgers Date: Tue, 1 Oct 2024 10:48:04 -0700 Subject: [PATCH] Add storage admin permssion for healthcare SA (#11881) --- .ci/infra/terraform/main.tf | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/.ci/infra/terraform/main.tf b/.ci/infra/terraform/main.tf index fd85f145cc9f..0b55bbdc268e 100644 --- a/.ci/infra/terraform/main.tf +++ b/.ci/infra/terraform/main.tf @@ -376,8 +376,6 @@ resource "google_project_service_identity" "sqladmin_sa" { service = "sqladmin.googleapis.com" } -# TODO: Replace these permissions with bootstrapped permissions - # TestAccComposerEnvironment_fixPyPiPackages # TestAccComposerEnvironmentComposer2_private # TestAccComposerEnvironment_withEncryptionConfigComposer1 @@ -409,6 +407,15 @@ resource "google_project_iam_member" "compute_agent_secret_accessor" { member = "serviceAccount:${google_project.proj.number}-compute@developer.gserviceaccount.com" } +# TestAccHealthcarePipelineJob_healthcarePipelineJobMappingReconDestExample +# TestAccHealthcarePipelineJob_healthcarePipelineJobReconciliationExample +# TestAccHealthcarePipelineJob_healthcarePipelineJobWhistleMappingExample +resource "google_project_iam_member" "healthcare_agent_storage_object_admin" { + project = google_project.proj.project_id + role = "roles/storage.objectAdmin" + member = "serviceAccount:service-${google_project.proj.number}@gcp-sa-healthcare.iam.gserviceaccount.com" +} + # TestAccVertexAIEndpoint_vertexAiEndpointNetwork # TestAccVertexAIFeaturestoreEntitytype_vertexAiFeaturestoreEntitytypeExample # TestAccVertexAIFeaturestoreEntitytype_vertexAiFeaturestoreEntitytypeWithBetaFieldsExample