-
Notifications
You must be signed in to change notification settings - Fork 827
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
infra: add k8s-infra-sandbox-capg project #2908
Conversation
after enabling container.googleapis.com, this is everything that was actually enabled
Created the project with Set a budget on the project via click-ops:
I'd like to try and keep this terraform module scoped such that the people using the project could run terraform to affect changes on it. I'm assuming so long as nobody touches the billing account info on the project, terraform won't try to use a permission we're not going to grant to these folks. e.g. one of the required permissions to update a project's billing info ( $ gcloud iam roles describe roles/owner | grep '[Bb]illing'
- billing.resourceCosts.get
- cloudasset.assets.exportCloudbillingBillingAccounts
- firebase.billingPlans.get
- firebase.billingPlans.update
- resourcemanager.projects.createBillingAssignment
- resourcemanager.projects.deleteBillingAssignment Managing the budget via terraform (or some other client library, looks like gcloud doesn't have it) can be done as a follow up (which I am noodling on now, but unlikely to finish by end of day) We'll first got notified when 20% of the budget has been spent |
thanks @spiffxp /approve /hold please feel free to remove hold when ready |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: dims, spiffxp The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/hold cancel |
Related: