fix: revert pubsub topic create

terraform/README.md

@@ -53,14 +53,14 @@ or
 
 ```bash
 cd terraform/infra
+terraform init
 terraform apply -auto-approve
 ```
 
 ## Build the malware scanner service image
 
 ```bash
 cd ../../cloudrun-malware-scanner
-
 gcloud builds submit --region=$TF_VAR_region --config=cloudbuild.yaml  --service-account=projects/$PROJECT_ID/serviceAccounts/malware-scanner-build@$PROJECT_ID.iam.gserviceaccount.com .
 ```
 

terraform/infra/main.tf

@@ -72,15 +72,13 @@ resource "google_artifact_registry_repository" "repo" {
   depends_on    = [module.apis]
 }
 
-## Create pubsub topic for scanner bucket notifications and allow GCS to publish
-resource "google_pubsub_topic" "scanner-gcs-notifications" {
-  name = "${var.service_name}-gcs-notifications"
-}
+## Allow GCS to publish to pubsub
+#
 data "google_storage_project_service_account" "gcs_account" {
   depends_on = [module.apis]
 }
-resource "google_pubsub_topic_iam_binding" "gcs_sa_pubsub_publish" {
-  topic   = google_pubsub_topic.scanner-gcs-notifications.name
+resource "google_project_iam_binding" "gcs_sa_pubsub_publish" {
+  project = var.project_id
   role    = "roles/pubsub.publisher"
   members = ["serviceAccount:${data.google_storage_project_service_account.gcs_account.email_address}"]
 }

terraform/service/main.tf

@@ -80,11 +80,6 @@ data "google_storage_bucket" "unscanned-bucket" {
   name     = each.value
 }
 
-## Get pubsub topic for GCS notifications
-data "google_pubsub_topic" "scanner-gcs-notifications" {
-  name = "${var.service_name}-gcs-notifications"
-}
-
 ## Create EventArc Triggers on unscanned bucket(s)
 #
 resource "google_eventarc_trigger" "gcs-object-written" {
@@ -106,11 +101,6 @@ resource "google_eventarc_trigger" "gcs-object-written" {
     }
   }
   service_account = data.google_service_account.malware_scanner_sa.email
-  transport {
-    pubsub {
-      topic = data.google_pubsub_topic.scanner-gcs-notifications.name
-    }
-  }
 }
 
 ## Update pubsub subscriptions to increase deadlines