Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/sweetops/terraform-google-service-account
Terraform module : GCP : for creation service account.
https://github.com/sweetops/terraform-google-service-account
Last synced: 17 days ago
JSON representation
Terraform module : GCP : for creation service account.
- Host: GitHub
- URL: https://github.com/sweetops/terraform-google-service-account
- Owner: SweetOps
- License: apache-2.0
- Created: 2017-10-15T15:21:52.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2021-03-17T15:13:02.000Z (almost 4 years ago)
- Last Synced: 2023-03-04T02:33:16.302Z (almost 2 years ago)
- Language: HCL
- Size: 23.4 KB
- Stars: 7
- Watchers: 1
- Forks: 12
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: .github/CODEOWNERS
Awesome Lists containing this project
README
# terraform-google-service-account
Terraform module to provision service account with normalized name.
## Usage
```terraform
module "service_account" {
source = "git::https://github.com/SweetOps/terraform-google-service-account.git?ref=master"
name = "awesome"
stage = "production"
namespace = "sweetops"
}
```
## Requirements
| Name | Version |
|------|---------|
| terraform | >= 0.13 |
| google | >= 3.0 |
## Providers
| Name | Version |
|------|---------|
| google | >= 3.0 |
## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| additional\_tag\_map | Additional tags for appending to tags\_as\_list\_of\_maps. Not added to `tags`. | `map(string)` | `{}` | no |
| attributes | Additional attributes (e.g. `1`) | `list(string)` | `[]` | no |
| context | Single object for setting entire context at once.
See description of individual variables for details.
Leave string and numeric variables as `null` to use default value.
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional\_tag\_map, which are merged. | `any` |
{
"additional_tag_map": {},
"attributes": [],
"delimiter": null,
"enabled": true,
"environment": null,
"id_length_limit": null,
"label_key_case": null,
"label_order": [],
"label_value_case": null,
"name": null,
"namespace": null,
"regex_replace_chars": null,
"stage": null,
"tags": {}
} | no |
| create\_service\_account\_key | Whether to create service account key | `bool` | `true` | no |
| delimiter | Delimiter to be used between `namespace`, `environment`, `stage`, `name` and `attributes`.
Defaults to `-` (hyphen). Set to `""` to use no delimiter at all. | `string` | `null` | no |
| description | A text description of the service account. | `string` | `"Managed by Terraform"` | no |
| enabled | Set to false to prevent the module from creating any resources | `bool` | `null` | no |
| environment | Environment, e.g. 'uw2', 'us-west-2', OR 'prod', 'staging', 'dev', 'UAT' | `string` | `null` | no |
| id\_length\_limit | Limit `id` to this many characters (minimum 6).
Set to `0` for unlimited length.
Set to `null` for default, which is `0`.
Does not affect `id_full`. | `number` | `null` | no |
| keepers | Arbitrary map of values that, when changed, will trigger a new key to be generated. | `map(string)` | `null` | no |
| key\_algorithm | The algorithm used to generate the key. Possible values: `KEY_ALG_UNSPECIFIED`, `KEY_ALG_RSA_1024`, `KEY_ALG_RSA_2048` | `string` | `"KEY_ALG_RSA_2048"` | no |
| label\_key\_case | The letter case of label keys (`tag` names) (i.e. `name`, `namespace`, `environment`, `stage`, `attributes`) to use in `tags`.
Possible values: `lower`, `title`, `upper`.
Default value: `title`. | `string` | `"lower"` | no |
| label\_order | The naming order of the id output and Name tag.
Defaults to ["namespace", "environment", "stage", "name", "attributes"].
You can omit any of the 5 elements, but at least one must be present. | `list(string)` | `null` | no |
| label\_value\_case | The letter case of output label values (also used in `tags` and `id`).
Possible values: `lower`, `title`, `upper` and `none` (no transformation).
Default value: `lower`. | `string` | `null` | no |
| name | Solution name, e.g. 'app' or 'jenkins' | `string` | `null` | no |
| namespace | Namespace, which could be your organization name or abbreviation, e.g. 'eg' or 'cp' | `string` | `null` | no |
| private\_key\_type | The output format of the private key. | `string` | `"TYPE_GOOGLE_CREDENTIALS_FILE"` | no |
| project | The project in which the resource belongs. If it is not provided, the provider project is used. | `string` | `null` | no |
| public\_key\_data | Public key data to create a service account key for given service account. The expected format for this field is a base64 encoded X509\_PEM and it conflicts with `public_key_type` and `private_key_type`. | `string` | `null` | no |
| public\_key\_type | The output format of the public key requested. | `string` | `"TYPE_X509_PEM_FILE"` | no |
| regex\_replace\_chars | Regex to replace chars with empty string in `namespace`, `environment`, `stage` and `name`.
If not set, `"/[^a-zA-Z0-9-]/"` is used to remove all characters other than hyphens, letters and digits. | `string` | `null` | no |
| roles | The list of roles that should be applied to service account. | `list(string)` | `[]` | no |
| stage | Stage, e.g. 'prod', 'staging', 'dev', OR 'source', 'build', 'test', 'deploy', 'release' | `string` | `null` | no |
| tags | Additional tags (e.g. `map('BusinessUnit','XYZ')` | `map(string)` | `{}` | no |
## Outputs
| Name | Description |
|------|-------------|
| email | The e-mail address of the service account. |
| id | The id of the service account. |
| key\_id | The id of the service account key. |
| key\_name | The name of the service account key. |
| name | The fully-qualified name of the service account. |
| private\_key | The private key in JSON format, base64 encoded. |
| public\_key | The public key, base64 encoded. |
| unique\_id | The unique id of the service account. |
## License
The Apache-2.0 license