Skip to content

Commit ca8be95

Browse files
committed
added check
1 parent f671548 commit ca8be95

File tree

2 files changed

+3
-3
lines changed

2 files changed

+3
-3
lines changed

modules/core_project_factory/main.tf

+2-2
Original file line numberDiff line numberDiff line change
@@ -109,7 +109,7 @@ module "project_services" {
109109
Shared VPC configuration
110110
*****************************************/
111111
resource "time_sleep" "wait_5_seconds" { #TODO rename resource in the next breaking change.
112-
count = var.vpc_service_control_attach_enabled ? 1 : 0
112+
count = var.vpc_service_control_attach_enabled || var.vpc_service_control_attach_dry_run ? 1 : 0
113113
depends_on = [google_access_context_manager_service_perimeter_resource.service_perimeter_attachment[0], google_project_service.enable_access_context_manager[0]]
114114
create_duration = var.vpc_service_control_sleep_duration
115115
}
@@ -368,7 +368,7 @@ resource "google_access_context_manager_service_perimeter_dry_run_resource" "ser
368368
Enable Access Context Manager API
369369
*****************************************/
370370
resource "google_project_service" "enable_access_context_manager" {
371-
count = var.vpc_service_control_attach_enabled || var.vpc_service_control_attach_enabled ? 1 : 0
371+
count = var.vpc_service_control_attach_enabled || var.vpc_service_control_attach_dry_run ? 1 : 0
372372
project = google_project.main.number
373373
service = "accesscontextmanager.googleapis.com"
374374
}

modules/core_project_factory/variables.tf

+1-1
Original file line numberDiff line numberDiff line change
@@ -111,7 +111,7 @@ variable "activate_apis" {
111111
variable "activate_api_identities" {
112112
description = <<EOF
113113
The list of service identities (Google Managed service account for the API) to force-create for the project (e.g. in order to grant additional roles).
114-
APIs in this list will automatically be appended to `activate_apis`.
114+
APIs in this list will automatically be appended to `activate_apis`. Use for services supported by `gcloud beta services identity create`
115115
Not including the API in this list will follow the default behaviour for identity creation (which is usually when the first resource using the API is created).
116116
Any roles (e.g. service agent role) must be explicitly listed. See https://cloud.google.com/iam/docs/understanding-roles#service-agent-roles-roles for a list of related roles.
117117
EOF

0 commit comments

Comments
 (0)