SkYNewZ · September 16, 2020 13:02
diff --git a/main.tf b/main.tf
 variable "project_id" {
  type = string
 }

 # On va chercher le projet number
 data "google_project" "project" {
  project_id = var.project_id
 }

 # On crer le topic qui reçoit les lettres mortes
 resource "google_pubsub_topic" "dead_letter" {
  project = var.project_id
  name    = "dead_letter_topic"
 }

 # On crer un souscription pour lire les lettres mortes
 resource "google_pubsub_subscription" "dead_letter" {
  project = var.project_id
  name    = "dead_letter_subscription"
  topic   = google_pubsub_topic.dead_letter.name

  ack_deadline_seconds = 20
  expiration_policy {
    ttl = ""
  }
 }

 # On crée un topic d'exemple qui recevra les evenements
 resource "google_pubsub_topic" "example" {
  project = var.project_id
  name    = "example_input_topic"
 }

 # On crée une souscripion push d'exemple
 resource "google_pubsub_subscription" "example" {
  project = var.project_id
  name    = "example_input_subscription"
  topic   = google_pubsub_topic.example.name

  # Combien de temps le subscriber a pour traiter le message avant qu'il reparte dans le topic
  ack_deadline_seconds = 20

  # Combien de temps on garde le message avant qu'il soit supprimé
  # 5 jours
  message_retention_duration = "432000s"

  expiration_policy {
    ttl = ""
  }

  dead_letter_policy {
    dead_letter_topic     = google_pubsub_topic.dead_letter.id
    max_delivery_attempts = 5
  }

  retry_policy {
    minimum_backoff = "10s"
    maximum_backoff = "60s"
  }


  push_config {
    push_endpoint = "https://europe-west3-${var.project_id}.cloudfunctions.net/test_dead"
    # push_endpoint = "https://requestinspector.com/inspect/01ejbex9rh5xdwwzrpehrpq0s2"

    attributes = {
      x-goog-version = "v1"
    }

    oidc_token {
      service_account_email = format("%s@appspot.gserviceaccount.com", var.project_id)
    }
  }
 }


 # On ajoute les droits publisher au compte de servie PubSub dans le topic de lettre morte
 resource "google_pubsub_topic_iam_member" "publisher" {
  project = var.project_id
  topic   = google_pubsub_topic.dead_letter.name
  role    = "roles/pubsub.publisher"
  member  = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-pubsub.iam.gserviceaccount.com"
 }

 # On ajoute les droits suscriber au SA Pubsub de la souscription en PUSH
 resource "google_pubsub_subscription_iam_member" "subscriber" {
  project      = var.project_id
  subscription = google_pubsub_subscription.example.name
  role         = "roles/pubsub.subscriber"
  member       = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-pubsub.iam.gserviceaccount.com"
 }

 resource "google_project_iam_member" "project" {
  project = var.project_id
  role    = "roles/iam.serviceAccountTokenCreator"
  member  = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-pubsub.iam.gserviceaccount.com"
 }
	variable "project_id" {
	type = string
	}

	# On va chercher le projet number
	data "google_project" "project" {
	project_id = var.project_id
	}

	# On crer le topic qui reçoit les lettres mortes
	resource "google_pubsub_topic" "dead_letter" {
	project = var.project_id
	name = "dead_letter_topic"
	}

	# On crer un souscription pour lire les lettres mortes
	resource "google_pubsub_subscription" "dead_letter" {
	project = var.project_id
	name = "dead_letter_subscription"
	topic = google_pubsub_topic.dead_letter.name

	ack_deadline_seconds = 20
	expiration_policy {
	ttl = ""
	}
	}

	# On crée un topic d'exemple qui recevra les evenements
	resource "google_pubsub_topic" "example" {
	project = var.project_id
	name = "example_input_topic"
	}

	# On crée une souscripion push d'exemple
	resource "google_pubsub_subscription" "example" {
	project = var.project_id
	name = "example_input_subscription"
	topic = google_pubsub_topic.example.name

	# Combien de temps le subscriber a pour traiter le message avant qu'il reparte dans le topic
	ack_deadline_seconds = 20

	# Combien de temps on garde le message avant qu'il soit supprimé
	# 5 jours
	message_retention_duration = "432000s"

	expiration_policy {
	ttl = ""
	}

	dead_letter_policy {
	dead_letter_topic = google_pubsub_topic.dead_letter.id
	max_delivery_attempts = 5
	}

	retry_policy {
	minimum_backoff = "10s"
	maximum_backoff = "60s"
	}


	push_config {
	push_endpoint = "https://europe-west3-${var.project_id}.cloudfunctions.net/test_dead"
	# push_endpoint = "https://requestinspector.com/inspect/01ejbex9rh5xdwwzrpehrpq0s2"

	attributes = {
	x-goog-version = "v1"
	}

	oidc_token {
	service_account_email = format("%s@appspot.gserviceaccount.com", var.project_id)
	}
	}
	}


	# On ajoute les droits publisher au compte de servie PubSub dans le topic de lettre morte
	resource "google_pubsub_topic_iam_member" "publisher" {
	project = var.project_id
	topic = google_pubsub_topic.dead_letter.name
	role = "roles/pubsub.publisher"
	member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-pubsub.iam.gserviceaccount.com"
	}

	# On ajoute les droits suscriber au SA Pubsub de la souscription en PUSH
	resource "google_pubsub_subscription_iam_member" "subscriber" {
	project = var.project_id
	subscription = google_pubsub_subscription.example.name
	role = "roles/pubsub.subscriber"
	member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-pubsub.iam.gserviceaccount.com"
	}

	resource "google_project_iam_member" "project" {
	project = var.project_id
	role = "roles/iam.serviceAccountTokenCreator"
	member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-pubsub.iam.gserviceaccount.com"
	}
No results found