diff --git a/gcp/terraform/_config_project_dev.auto.tfvars b/gcp/terraform/_config_project_dev.auto.tfvars index 1151d1bf4..8a0ab4311 100644 --- a/gcp/terraform/_config_project_dev.auto.tfvars +++ b/gcp/terraform/_config_project_dev.auto.tfvars @@ -222,20 +222,6 @@ dev_projects = { roles = ["projects/c4hnrd-dev/roles/rolequeue"] description = "Service Account for running queue services" }, - open-shift-artifact-registry = { - roles = ["roles/artifactregistry.serviceAgent", "roles/cloudbuild.builds.builder", "roles/containerregistry.ServiceAgent"] - description = "" - }, - documentai-workflow-service-ac = { - roles = ["roles/composer.environmentAndStorageObjectViewer", "roles/documentai.apiUser", "roles/eventarc.eventReceiver", "roles/logging.logWriter", "roles/serviceusage.serviceUsageConsumer", "roles/storage.objectUser", "roles/storagetransfer.user", "roles/workflows.invoker"] - description = "" - resource_roles = [ - { resource = "projects/c4hnrd-dev/locations/us/repositories/gcr.io" - roles = ["roles/artifactregistry.repoAdmin"] - resource_type = "artifact_registry" - } - ] - }, doc-dev-sa = { roles = ["roles/artifactregistry.serviceAgent", "roles/compute.admin", "roles/storage.admin"] description = "Document Services Service Account" @@ -500,36 +486,10 @@ dev_projects = { resource_type = "pubsub_topic" }, ] - }, - sa-queue = { - roles = ["projects/gtksf3-dev/roles/rolequeue"] - description = "Service Account for running queue services" - }, - pay-test = { - roles = ["roles/iam.serviceAccountTokenCreator", "roles/pubsub.publisher", "roles/pubsub.subscriber"] - description = "" - }, - pay-pubsub-sa = { - roles = ["roles/iam.serviceAccountTokenCreator", "roles/pubsub.publisher", "roles/pubsub.subscriber"] - description = "Service Account for handling pay pusub subscriptions" - external_roles = [{ - roles = ["roles/iam.serviceAccountTokenCreator", "roles/run.invoker"] - project_id = "bcrbk9-dev" - }, - { - roles = ["roles/iam.serviceAccountTokenCreator", "roles/run.invoker"] - project_id = "a083gt-dev" - } - ] - }, sa-auth-db-standby-759 = { roles = ["roles/cloudsql.client", "roles/cloudsql.viewer"] description = "Service account used to backup auth db in OpenShift Gold Cluster, as part of disaster recovery plan." - }, - sre-role-testing-account = { - roles = ["projects/gtksf3-dev/roles/SRE"] - description = "" } } }, @@ -820,16 +780,6 @@ dev_projects = { } ] service_accounts = { - filer-to-doc-publisher = { - description = "Brandon Galli's testing service account " - resource_roles = [ - { - resource = "projects/c4hnrd-dev/topics/doc-api-app-create-record" - roles = ["roles/pubsub.publisher"] - resource_type = "pubsub_topic" - } - ] - }, sa-db-migrate = { roles = ["projects/a083gt-dev/roles/roledbmigrate"] description = "Service Account for running db alembic migration job" @@ -927,10 +877,6 @@ dev_projects = { roles = ["roles/cloudsql.client", "roles/cloudsql.viewer"] description = "" }, - sa-bni-file-upload-dev = { - roles = ["roles/storage.objectCreator"] - description = "Service Account to upload raw batch files to the BNI storage bucket" - }, business-pubsub-sa = { roles = ["roles/iam.serviceAccountTokenCreator", "roles/pubsub.publisher", "roles/pubsub.subscriber"] description = "" @@ -983,10 +929,6 @@ dev_projects = { roles = ["roles/cloudtasks.enqueuer", "roles/iam.serviceAccountUser", "roles/run.invoker"] description = "BN Tasks Cloud Run Invoker" }, - sa-bni-file-upload-dev = { - roles = ["roles/storage.objectCreator"] - description = "Service Account to upload raw batch files to the BNI storage bucket" - }, pubsub-cloud-run-invoker = { description = "" resource_roles = [ @@ -1325,10 +1267,6 @@ dev_projects = { apigee-dev-sa = { roles = ["roles/logging.admin", "roles/storage.admin"] description = "Service account for BC Registries Apigee dev environment." - }, - github-action-467311281 = { - roles = ["roles/cloudbuild.builds.editor", "roles/firebaseauth.admin", "roles/firebasehosting.admin", "roles/run.viewer", "roles/serviceusage.apiKeysViewer", "roles/serviceusage.serviceUsageConsumer", "roles/storage.admin"] - description = "A service account with permission to deploy to Firebase Hosting for the GitHub repository thorwolpert/bcregistry" } } }, @@ -1413,14 +1351,6 @@ dev_projects = { roles = ["roles/eventarc.eventReceiver", "roles/run.invoker"] description = "Service Account for running queue services" }, - test-notebook-dev = { - roles = ["roles/cloudsql.client", "roles/cloudsql.instanceUser", "roles/cloudsql.schemaViewer"] - description = "used with the test services" - }, - client-sql-proxy-service-accnt = { - roles = ["roles/cloudsql.admin", "roles/cloudsql.client"] - description = "" - } } }, "api-gateway-dev" = { diff --git a/gcp/terraform/_config_project_prod.auto.tfvars b/gcp/terraform/_config_project_prod.auto.tfvars index c46d64ee1..4c37dbb25 100644 --- a/gcp/terraform/_config_project_prod.auto.tfvars +++ b/gcp/terraform/_config_project_prod.auto.tfvars @@ -1068,10 +1068,6 @@ prod_projects = { roles = ["roles/cloudtasks.admin", "roles/editor"] description = "" }, - sa-bni-file-upload-prod = { - roles = ["roles/storage.objectCreator"] - description = "Service Account to upload raw batch files to the BNI storage bucket" - }, pubsub-cloud-run-invoker-prod = { description = "" resource_roles = [ @@ -1216,25 +1212,6 @@ prod_projects = { } ] }, - sa-ppr-document-storage = { - roles = ["projects/eogruh-prod/roles/CustomStorageAdmin", "roles/iam.serviceAccountTokenCreator"] - description = "Default service account for ppr cloud services" - }, - document-pubsub-invoker = { - roles = ["roles/pubsub.admin"] - description = "" - resource_roles = [ - { - resource = "projects/eogruh-prod/locations/northamerica-northeast1/services/document-delivery-service" - roles = ["roles/run.invoker"] - resource_type = "cloud_run" - } - ] - }, - sa-analytics-status-update-not = { - roles = ["roles/cloudsql.client", "roles/cloudsql.viewer"] - description = "" - }, bc-ppr-client-direct-docs-prod = { roles = ["projects/eogruh-prod/roles/CustomStorageAdmin", "roles/iam.serviceAccountTokenCreator"] description = "" diff --git a/gcp/terraform/_config_project_test.auto.tfvars b/gcp/terraform/_config_project_test.auto.tfvars index 61346cbf3..db42cdd02 100644 --- a/gcp/terraform/_config_project_test.auto.tfvars +++ b/gcp/terraform/_config_project_test.auto.tfvars @@ -727,10 +727,6 @@ test_projects = { roles = ["projects/a083gt-test/roles/rolequeue"] description = "Service Account for running queue services" }, - sa-bni-file-upload-test = { - roles = ["roles/storage.objectCreator"] - description = "Service Account to upload raw batch files to the BNI storage bucket" - }, business-ar-job-proc-paid-test = { roles = ["roles/run.invoker"] description = "submit AR back to the SOR" @@ -796,10 +792,6 @@ test_projects = { } ] }, - sa-bni-file-upload-test = { - roles = ["roles/storage.objectCreator"] - description = "Service Account to upload raw batch files to the BNI storage bucket" - }, pubsub-cloud-run-invoker-test = { description = "" resource_roles = [ @@ -892,21 +884,6 @@ test_projects = { roles = ["projects/eogruh-test/roles/rolequeue"] description = "Service Account for running queue services" }, - ppr-temp-verification-sa = { - roles = ["roles/iam.serviceAccountTokenCreator", "roles/pubsub.admin"] - description = "" - }, - sa-ppr-documents-test = { - roles = ["projects/eogruh-test/roles/ppr_document_storage_test", "roles/cloudsql.client", "roles/iam.serviceAccountTokenCreator"] - description = "" - resource_roles = [ - { - resource = "ppr_documents_test" - roles = ["projects/eogruh-test/roles/ppr_document_storage_test"] - resource_type = "storage_bucket" - } - ] - }, notify-identity = { roles = ["roles/cloudsql.client"] description = "" @@ -1136,10 +1113,6 @@ test_projects = { roles = ["projects/yfthig-test/roles/rolequeue"] description = "Service Account for running queue services" }, - github-action-416185190 = { - roles = ["roles/cloudbuild.builds.editor", "roles/firebaseauth.admin", "roles/firebasehosting.admin", "roles/run.viewer", "roles/serviceusage.apiKeysViewer", "roles/serviceusage.serviceUsageConsumer", "roles/storage.admin"] - description = "A service account with permission to deploy to Firebase Hosting for the GitHub repository thorwolpert/fh-test" - }, sa-cdcloudrun = { roles = ["projects/yfthig-test/roles/rolecdcloudrun"] description = "Service Account for running cdcloudrun services"