(iamAccount, role)
| 80 | } |
| 81 | |
| 82 | async function addRole(iamAccount, role) { |
| 83 | await $`gcloud projects add-iam-policy-binding ${project} ${[ |
| 84 | `--member=serviceAccount:${iamAccount}`, |
| 85 | `--role=${role}`, |
| 86 | `--format=none`, |
| 87 | ]}`; |
| 88 | } |
| 89 | |
| 90 | await addRole(pubSubAccount, "roles/iam.serviceAccountTokenCreator"); |
| 91 | await addRole(storageAccount, "roles/pubsub.publisher"); |