storage object

JamesWoolfenden · Sep 1, 2022 · 4028483 · 4028483
1 parent d89c600
commit 4028483
Show file tree

Hide file tree

Showing 7 changed files with 39 additions and 12 deletions.
diff --git a/src/files_gcp.go b/src/files_gcp.go
@@ -9,3 +9,6 @@ var googleComputeInstance []byte
 
 //go:embed mapping/gcp/resource/storage/google_storage_bucket.json
 var googleStorageBucket []byte
+
+//go:embed mapping/gcp/resource/storage/google_storage_bucket_object.json
+var googleStorageBucketObject []byte
diff --git a/src/gcp.go b/src/gcp.go
@@ -19,8 +19,9 @@ func GetGCPPermissions(result ResourceV2) []string {
 // GetGCPResourcePermissions looks up permissions required for resources
 func GetGCPResourcePermissions(result ResourceV2) []string {
 	TFLookup := map[string]interface{}{
-		"google_compute_instance": googleComputeInstance,
-		"google_storage_bucket":   googleStorageBucket,
+		"google_compute_instance":      googleComputeInstance,
+		"google_storage_bucket":        googleStorageBucket,
+		"google_storage_bucket_object": googleStorageBucketObject,
 	}
 
 	var Permissions []string

diff --git a/src/mapping/gcp/resource/storage/google_storage_bucket_object.json b/src/mapping/gcp/resource/storage/google_storage_bucket_object.json
@@ -0,0 +1,18 @@
+[
+  {
+    "apply": [
+      "storage.objects.create",
+      "storage.objects.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "storage.objects.delete"
+    ],
+    "modify": [
+      "storage.objects.get"
+    ],
+    "plan": []
+  }
+]
diff --git a/terraform/gcp/backup/google_storage_bucket_object.tf b/terraform/gcp/backup/google_storage_bucket_object.tf
@@ -0,0 +1,12 @@
+resource "google_storage_bucket_object" "object" {
+  name          = basename(var.sourcezip)
+  bucket        = "pike-central"
+  storage_class = "STANDARD"
+  kms_key_name  = "projects/examplea/locations/us-central1/keyRings/pike-us/cryptoKeys/pike/cryptoKeyVersions/1"
+  source        = var.sourcezip
+
+}
+
+variable "sourcezip" {
+  default = "main_test.zip"
+}
diff --git a/terraform/gcp/backup/main_test.zip b/terraform/gcp/backup/main_test.zip
diff --git a/terraform/gcp/role/google_project_iam_custom_role.tf b/terraform/gcp/role/google_project_iam_custom_role.tf
@@ -4,10 +4,9 @@ resource "google_project_iam_custom_role" "pike" {
   title       = "pike terraform user"
   description = "A user with least privileges"
   permissions = [
-    "storage.buckets.create",
-    "storage.buckets.get",
-    "storage.buckets.delete",
+    "storage.objects.create",
+    "storage.objects.delete",
 
-    "storage.buckets.update"
+    "storage.objects.get"
   ]
 }
diff --git a/todo_gcp.md b/todo_gcp.md
@@ -63,9 +63,3 @@
  google_storage_bucket_acl not implemented
  google_storage_bucket_acl not implemented
  google_storage_bucket_iam_binding not implemented
- google_storage_bucket_object not implemented
- google_storage_bucket_object not implemented
- google_storage_bucket_object not implemented
- google_storage_bucket_object not implemented
- google_storage_bucket_object not implemented
- google_storage_bucket_object not implemented