地形:谷歌云。 为什么我不能在没有组织的情况下创建新项目?
[英]Terraform: Google cloud. Why cannot I create a new project without having an organisation?
问题描述
I cannot understand the rationale behind prohibiting a user that has no organisation to create new google cloud projects with terraform.
我无法理解禁止没有组织的用户使用 terraform 创建新的谷歌云项目背后的理由。 Indeed, if I use gcloud , I am able to create new projects and I can also do that using the web console.事实上,如果我使用gcloud ,我就可以创建新项目,也可以使用 Web 控制台来创建新项目。
1 个解决方案
解决方案1
0 2022-12-20 17:32:04
As mentioned in the documentation :如文档中所述:
The user or service account that is running Terraform when creating a
google_projectresource must haveroles/resourcemanager.projectCreatoron the specified organization.google_project资源时运行 Terraform 的用户或服务帐户必须在指定组织中具有roles/resourcemanager.projectCreator。
The problem with roles/resourcemanager.projectCreator is, that it's an organization role - not project role. roles/resourcemanager.projectCreator的问题在于,它是一个组织角色,而不是项目角色。 Therefore without organization one cannot get this role.因此,没有组织就无法获得这一角色。
The ability to do it using the console but not through the official Terraform way is strange indeed.使用控制台而不是通过官方 Terraform 方式执行此操作的能力确实很奇怪。
But, it seems that there's a workaround, that will just require you to provide billing account and will enable you creating new project - by using the project module of Google's official cloud-foundation-fabric .但是,似乎有一种解决方法,只需要您提供计费帐户并使您能够创建新项目 - 通过使用 Google 官方cloud-foundation-fabric的project模块。
Basic example:基本示例:
module "project" {
source = "github.com/GoogleCloudPlatform/cloud-foundation-fabric//modules/project?ref=v19.0.0"
billing_account = "your-billing-account"
name = "your-project-name"
services = [
"container.googleapis.com",
]
}
It might take some time (took me about 3.5 minutes), but did the job without creating organization.这可能需要一些时间(我花了大约 3.5 分钟),但在没有创建组织的情况下完成了这项工作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.