fix: gcp promote quarantine failed to add tag in scanning bucket
andrew-c-lee authored and trend-jack-c-tang committed Jan 9, 2024
1 parent c6f13b3 commit 4d3d406
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion post-scan-actions/gcp-python-promote-or-quarantine/main.tf
Expand Up @@ -2,7 +2,7 @@ terraform {
required_providers {
google = {
source = "hashicorp/google"
version = "~> 4.0.0"
version = "~> 5.11.0"
}
}
}
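Review bot: The google provider constraint in required_providers jumps a major version, from "~> 4.0.0" to "~> 5.11.0", while the commit message only mentions the tagging failure, so the reason for the bump is undocumented. Please say in the commit message or in a comment beside the version line why the fix needs the 5.x provider, and confirm the other resources in main.tf were planned against it, since a major release can change resource behaviour. Note also that "~> 5.11.0" admits only 5.11.x patch releases; if any 5.x release from 5.11 onward is acceptable, "~> 5.11" expresses that.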
Expand Down Expand Up @@ -49,8 +49,10 @@ resource "google_project_iam_custom_role" "scanning_bucket_access_role" {
permissions = var.promote_mode == "move" || var.quarantine_mode == "move" ? [
"storage.objects.delete",
"storage.objects.get",
"storage.objects.update"
] : [
"storage.objects.get",
"storage.objects.update"
]
}
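Review bot: The binding for scanning_bucket_access_role is not visible in this hunk, and because it is a google_project_iam_custom_role, the added "storage.objects.update" lets the holder rewrite object metadata on every bucket the role is bound to. Please confirm the role is bound at the scanning bucket (or with an IAM condition limiting it to that bucket) rather than project-wide, and add a comment in the permissions list saying that update is needed to tag scanned objects. As a style point, both branches of the conditional now repeat "storage.objects.get" and "storage.objects.update"; building the list with concat() and adding "storage.objects.delete" only when promote_mode or quarantine_mode is "move" would keep the next permission change to a single line.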
