1. Answers
  2. Using Gcp Serviceaccount With Cloudrun

Using Gcp Serviceaccount With Cloudrun

Introduction

In this guide, we will walk through the process of creating a Google Cloud Platform (GCP) Service Account and deploying a Cloud Run service using Pulumi. Pulumi allows you to define, deploy, and manage cloud infrastructure using code. We will use TypeScript as our programming language.

Step-by-Step Explanation

Step 1: Setting Up Pulumi

  1. Ensure you have the Pulumi CLI installed. If not, follow the installation guide.
  2. Authenticate with GCP by running gcloud auth login and setting the project with gcloud config set project <YOUR_PROJECT_ID>.
  3. Create a new Pulumi project using pulumi new typescript.

Step 2: Creating a GCP Service Account

  1. Define the Service Account resource in your Pulumi program.
  2. Assign the necessary roles to the Service Account.

Step 3: Deploying a Cloud Run Service

  1. Define the Cloud Run service in your Pulumi program.
  2. Configure the service to use the Service Account created in the previous step.
  3. Deploy the Cloud Run service.

Step 4: Running Pulumi Commands

  1. Run pulumi up to preview and deploy the changes.
  2. Confirm the deployment to create the resources.

Summary

By following this guide, you have successfully created a GCP Service Account and deployed a Cloud Run service using Pulumi. This approach allows you to manage your cloud infrastructure as code, making it easier to maintain and scale.

Full Code Example

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

// Create a GCP Service Account
const serviceAccount = new gcp.serviceaccount.Account("my-service-account", {
    accountId: "my-service-account",
    displayName: "My Service Account",
});

// Assign roles to the Service Account
const serviceAccountIamMember = new gcp.serviceaccount.IAMMember("my-service-account-iam", {
    serviceAccountId: serviceAccount.name,
    role: "roles/run.invoker",
    member: pulumi.interpolate\`serviceAccount:\${serviceAccount.email}\`,
});

// Define the Cloud Run service
const cloudRunService = new gcp.cloudrun.Service("my-cloud-run-service", {
    location: "us-central1",
    template: {
        spec: {
            containers: [{
                image: "gcr.io/cloudrun/hello",
            }],
            serviceAccountName: serviceAccount.email,
        },
    },
});

// Export the URL of the Cloud Run service
export const serviceUrl = cloudRunService.statuses[0].url;

Deploy this code

Want to deploy this code? Sign up for a free Pulumi account to deploy in a few clicks.

Sign up

New to Pulumi?

Want to deploy this code? Sign up with Pulumi to deploy in a few clicks.

Sign up