devsecblueprint
diff --git a/‎terraform/main.tf‎
Lines changed: 1 addition & 0 deletions b/‎terraform/main.tf‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎terraform/modules/pipelines/main.tf‎
Lines changed: 9 additions & 0 deletions b/‎terraform/modules/pipelines/main.tf‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎terraform/modules/pipelines/variable.tf‎
Lines changed: 5 additions & 0 deletions b/‎terraform/modules/pipelines/variable.tf‎
Lines changed: 5 additions & 0 deletions
@@ -47,6 +47,7 @@ module "gcp_python_fastapi_pipeline" {
  region = var.region
 
  cloudbuild_trigger_name = "gcp-python-fastapi"
+ service_name = "gcp-python-fastapi-service"
  description = "Cloud Build Trigger for GCP Python FastAPI"
  github_repo_name = "gcp-python-fastapi"
  secret_id = google_secret_manager_secret.snyk_token.secret_id
 
@@ -21,6 +21,15 @@ resource "google_project_iam_member" "cloud_build_roles" {
  member = "serviceAccount:${google_service_account.cloudbuild_service_account.email}"
 }
 
+resource "google_cloud_run_service_iam_member" "all_users_invoker" {
+ project = var.project_id
+ location = var.region
+ service = var.service_name
+
+ role = "roles/run.invoker"
+ member = "allUsers"
+}
+
 resource "google_secret_manager_secret_iam_binding" "secret_manager_binding" {
  for_each = toset([
  "roles/secretmanager.secretAccessor",
 
@@ -3,6 +3,11 @@ variable "cloudbuild_trigger_name" {
  type = string
 }
 
+variable "service_name" {
+ description = "Name of the Cloud Run service"
+ type = string
+}
+
 variable "description" {
  description = "Description of the Cloud Build trigger"
  type = string