Giters

terraform-google-modules / terraform-google-log-export

Creates log exports at the project, folder, or organization level

Home Page:https://registry.terraform.io/modules/terraform-google-modules/log-export/google

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

create_push_subscriber description is probably misleading

piotrekkr opened this issue · comments

commented

TL;DR

In pubsub submodule input params description there is information that service account will be created with IAM permissions if create_push_subscriber=true. Looking at the code it looks like it is not created for push subscription but only for pull subscription (when var.create_subscriber = true).

Expected behavior

Param description reflect what is actually happening

Observed behavior

Description is not correct

Terraform Configuration

#-----------------------------------------------#
# Pub/Sub topic subscription (for integrations) #
#-----------------------------------------------#
resource "google_service_account" "pubsub_subscriber" {
  count        = var.create_subscriber ? 1 : 0
  account_id   = local.subscriber_id
  display_name = "${local.topic_name} Topic Subscriber"
  project      = var.project_id
}

resource "google_pubsub_subscription_iam_member" "pubsub_subscriber_role" {
  count        = var.create_subscriber ? 1 : 0
  role         = "roles/pubsub.subscriber"
  project      = var.project_id
  subscription = local.pubsub_subscription
  member       = "serviceAccount:${google_service_account.pubsub_subscriber[0].email}"
}

resource "google_pubsub_topic_iam_member" "pubsub_viewer_role" {
  count   = var.create_subscriber ? 1 : 0
  role    = "roles/pubsub.viewer"
  project = var.project_id
  topic   = local.topic_name
  member  = "serviceAccount:${google_service_account.pubsub_subscriber[0].email}"
}

resource "google_pubsub_subscription" "pubsub_subscription" {
  count   = var.create_subscriber ? 1 : 0
  name    = "${local.topic_name}-subscription"
  project = var.project_id
  topic   = local.topic_name
  labels  = var.subscription_labels
}

resource "google_pubsub_subscription" "pubsub_push_subscription" {
  count   = var.create_push_subscriber ? 1 : 0
  name    = "${local.topic_name}-push-subscription"
  project = var.project_id
  topic   = local.topic_name

  push_config {
    push_endpoint = var.push_endpoint
  }
}

Terraform Version

master version

Additional information

No response

commented

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

commented

Three months without any reply. Is anyone actually maintaining this repo?

commented

Fixed in PR #154
Merged to main repo

commented

Thanks :)