Add compute service account init and VM creation

DSC-McMaster-U · Oct 31, 2023 · 0312156 · 0312156
1 parent 7b328a4
commit 0312156
Showing 1 changed file with 39 additions and 0 deletions.
diff --git a/cloud-infra/main.tf b/cloud-infra/main.tf
@@ -43,3 +43,42 @@ resource "google_cloud_run_service_iam_member" "run_all_users" {
 output "service_url" {
   value = google_cloud_run_service.run_service.status.0.url
 }
+
+# Add Service Account 
+resource "google_service_account" "default" {
+  account_id   = "compute-service-account" #changing id causes forces new account
+  display_name = "Service Account for Compute Instance"
+}
+
+# Create new VM, Attach to Service Account - for later 
+/*
+resource "google_compute_instance" "default" {
+  name         = "my-test-vm"
+  machine_type = "n1-standard-1"
+  zone         = "us-central1-a"
+
+  boot_disk {
+    initialize_params {
+      image = "debian-cloud/debian-11"
+    }
+  }
+
+  // Local SSD disk
+  scratch_disk {
+    interface = "SCSI"
+  }
+
+  network_interface {
+    network = "default"
+
+    access_config {
+      // Ephemeral public IP
+    }
+  }
+
+  service_account {
+    email  = google_service_account.default.email
+    scopes = ["cloud-platform"] #  `cloud-platform` is recommended for avoid embedding secret keys or user credentials
+  }
+}
+*/