From b8ad36f21ab88b6107d3fe23912911ca0ee73c58 Mon Sep 17 00:00:00 2001
From: Leonhard Gruenschloss <leonhard.gruenschloss@populationgenomics.org.au>
Date: Thu, 18 Feb 2021 11:02:35 +1100
Subject: [PATCH] Add Artifact Registry permissions for the batch-agent service
 account.

---
 infra/main.tf | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/infra/main.tf b/infra/main.tf
index f621e55f5bc..93814998ff4 100644
--- a/infra/main.tf
+++ b/infra/main.tf
@@ -338,6 +338,14 @@ resource "google_artifact_registry_repository_iam_member" "artifact_registry_pul
   member = "serviceAccount:${google_service_account.gcr_pull.email}"
 }
 
+resource "google_artifact_registry_repository_iam_member" "artifact_registry_batch_agent_viewer" {
+  provider = google-beta
+  repository = google_artifact_registry_repository.repository.name
+  location = var.gcp_location
+  role = "roles/artifactregistry.reader"
+  member = "serviceAccount:${google_service_account.batch_agent.email}"
+}
+
 resource "google_artifact_registry_repository_iam_member" "artifact_registry_ci_viewer" {
   provider = google-beta
   repository = google_artifact_registry_repository.repository.name