From 58f62e4d121ae35f4836047b3140c4e822357235 Mon Sep 17 00:00:00 2001
From: Abraham Martin <amc203@cam.ac.uk>
Date: Mon, 23 Mar 2020 11:51:45 +0000
Subject: [PATCH] Code Review changes

---
 examples/root-example/README.md |  2 +-
 main.tf                         |  2 +-
 variables.tf                    | 14 +++++++++-----
 3 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/examples/root-example/README.md b/examples/root-example/README.md
index 38e2eaa..9c981f7 100644
--- a/examples/root-example/README.md
+++ b/examples/root-example/README.md
@@ -1,6 +1,6 @@
 # Simple example
 
-This is a simple example of storing depploying a cloud run enviroment into a
+This is a simple example of deploying a Cloud Run hosted container into a
 GCP project. Specify the project to deploy into and the sql instance to connect to
 on the command line. The sql instance connection is optional, use an empty string 
 if you do not want to connect Cloud Run to a SQL instance.
diff --git a/main.tf b/main.tf
index 514f1b7..8435956 100644
--- a/main.tf
+++ b/main.tf
@@ -99,7 +99,7 @@ resource "google_cloud_run_service" "webapp" {
 
 # Allow unauthenticated invocations for the webapp.
 resource "google_cloud_run_service_iam_member" "webapp_all_users_invoker" {
-  count    = var.webapp_open
+  count    = var.allow_unauthenticated_invocations ? 1 : 0
   location = google_cloud_run_service.webapp.location
   project  = google_cloud_run_service.webapp.project
   service  = google_cloud_run_service.webapp.name
diff --git a/variables.tf b/variables.tf
index 43ff18f..e21e9ce 100644
--- a/variables.tf
+++ b/variables.tf
@@ -39,16 +39,20 @@ variable "container_concurrency" {
 }
 
 variable "cpu_limit" {
-  description = "CPU limit for the deployed container. Defaults to 1 CPU."
+  description = "CPU limit for the deployed container. Defaults to 1 CPU, '1000m'."
   default     = "1000m"
 }
 
 variable "memory_limit" {
-  description = "Memory limit for the deployed container. Defaults to 512 MB."
+  description = "Memory limit for the deployed container. Defaults to 512 MB, '512M'."
   default     = "512M"
 }
 
-variable "webapp_open" {
-  description = "By default Cloud Run does not allow non-authenticated traffic to the web app. This settings changes that default to be open to all traffic (value of 1). Change it to 0 if you don't want to change default behaviour."
-  default     = 1
+variable "allow_unauthenticated_invocations" {
+  description = <<EOI
+If true, the webapp will allow unauthenticated invocations. If false, the webapp requires authentication
+as a Google user with the Cloud Run invoker permission on the deployment.
+EOI
+  type        = bool
+  default     = true
 }
-- 
GitLab