Skip to content

SweetOps/terraform-google-service-account

BranchesTags

Repository files navigation

terraform-google-service-account

Terraform module to provision service account with normalized name.

Usage

module "service_account" {
  source    = "git::https://github.com/SweetOps/terraform-google-service-account.git?ref=master"
  name      = "awesome"
  stage     = "production"
  namespace = "sweetops"
}

Requirements

Name Version
terraform >= 0.13
google >= 3.0

Providers

Name Version
google >= 3.0

Inputs

Name Description Type Default Required
additional_tag_map Additional tags for appending to tags_as_list_of_maps. Not added to tags. map(string) {} no
attributes Additional attributes (e.g. 1) list(string) [] no
context Single object for setting entire context at once.
See description of individual variables for details.
Leave string and numeric variables as null to use default value.
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional_tag_map, which are merged.		 any 
{
  "additional_tag_map": {},
  "attributes": [],
  "delimiter": null,
  "enabled": true,
  "environment": null,
  "id_length_limit": null,
  "label_key_case": null,
  "label_order": [],
  "label_value_case": null,
  "name": null,
  "namespace": null,
  "regex_replace_chars": null,
  "stage": null,
  "tags": {}
}
 no
create_service_account_key Whether to create service account key bool true no
delimiter Delimiter to be used between namespace, environment, stage, name and attributes.
Defaults to - (hyphen). Set to "" to use no delimiter at all.		 string null no
description A text description of the service account. string "Managed by Terraform" no
enabled Set to false to prevent the module from creating any resources bool null no
environment Environment, e.g. 'uw2', 'us-west-2', OR 'prod', 'staging', 'dev', 'UAT' string null no
id_length_limit Limit id to this many characters (minimum 6).
Set to 0 for unlimited length.
Set to null for default, which is 0.
Does not affect id_full.		 number null no
keepers Arbitrary map of values that, when changed, will trigger a new key to be generated. map(string) null no
key_algorithm The algorithm used to generate the key. Possible values: KEY_ALG_UNSPECIFIED, KEY_ALG_RSA_1024, KEY_ALG_RSA_2048 string "KEY_ALG_RSA_2048" no
label_key_case The letter case of label keys (tag names) (i.e. name, namespace, environment, stage, attributes) to use in tags.
Possible values: lower, title, upper.
Default value: title.		 string "lower" no
label_order The naming order of the id output and Name tag.
Defaults to ["namespace", "environment", "stage", "name", "attributes"].
You can omit any of the 5 elements, but at least one must be present.		 list(string) null no
label_value_case The letter case of output label values (also used in tags and id).
Possible values: lower, title, upper and none (no transformation).
Default value: lower.		 string null no
name Solution name, e.g. 'app' or 'jenkins' string null no
namespace Namespace, which could be your organization name or abbreviation, e.g. 'eg' or 'cp' string null no
private_key_type The output format of the private key. string "TYPE_GOOGLE_CREDENTIALS_FILE" no
project The project in which the resource belongs. If it is not provided, the provider project is used. string null no
public_key_data Public key data to create a service account key for given service account. The expected format for this field is a base64 encoded X509_PEM and it conflicts with public_key_type and private_key_type. string null no
public_key_type The output format of the public key requested. string "TYPE_X509_PEM_FILE" no
regex_replace_chars Regex to replace chars with empty string in namespace, environment, stage and name.
If not set, "/[^a-zA-Z0-9-]/" is used to remove all characters other than hyphens, letters and digits.		 string null no
roles The list of roles that should be applied to service account. list(string) [] no
stage Stage, e.g. 'prod', 'staging', 'dev', OR 'source', 'build', 'test', 'deploy', 'release' string null no
tags Additional tags (e.g. map('BusinessUnit','XYZ') map(string) {} no

Outputs

Name Description
email The e-mail address of the service account.
id The id of the service account.
key_id The id of the service account key.
key_name The name of the service account key.
name The fully-qualified name of the service account.
private_key The private key in JSON format, base64 encoded.
public_key The public key, base64 encoded.
unique_id The unique id of the service account.

License

The Apache-2.0 license

About

Terraform module : GCP : for creation service account.

Resources

Readme

License

Apache-2.0 license
Activity

Stars

7 stars

Watchers

1 watching

Forks

12 forks
Report repository

Releases 3

v0.3.0 Latest
Mar 17, 2021
+ 2 releases

Packages

No packages published

Languages