blackbird-cloud/terraform-google-service-account

Terraform Google Service Account Module

A Terraform module which helps you create Google Service Accounts.

Example

module "service_account" {
  source  = "blackbird-cloud/service-account/google"
  version = "~> 1"

  account_id   = "my-app"
  display_name = "My service account."
  project      = "my-project"

  workload_identity_user          = true
  kubernetes_namespace            = "monitoring"
  kubernetes_service_account_name = "my-app"
  project_iam_member_roles = [
    {
      role    = "roles/pubsub.publisher",
      project = "my-project",
      conditions = [{
        title       = "title"
        description = "description"
        expression  = "my-exp"
      }]
    },
    {
      role    = "roles/datastore.owner",
      project = "my-other-project"
    },
  ]
  service_account_iam_member_roles = []
}

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1 |
| google | >= 4 |

Providers

| Name | Version |
|------|---------|
| google | >= 4 |

Resources

| Name | Type |
|------|------|
| google_project_iam_member.roles | resource |
| google_service_account.sa | resource |
| google_service_account_iam_member.roles | resource |
| google_service_account_iam_member.workload | resource |
| google_storage_bucket_iam_member.default | resource |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| account_id | ID of the app, lowercase, max 30 chars. | string | n/a | yes |
| description | (Optional) A text description of the service account. Must be less than or equal to 256 UTF-8 bytes. | string | null | no |
| display_name | Display name of the app. | string | n/a | yes |
| kubernetes_namespace | Kubernetes namespace that hosts the Kubernetes Service Account attached to this Google Service Account. | string | null | no |
| kubernetes_service_account_name | Name of the Kubernetes Service Account to attach to this Google Service Account. | string | null | no |
| project | Google Project ID. | string | n/a | yes |
| project_iam_member_roles | List of project IAM member roles to attach to the Service Account. | list(object({ role = string, project = string, conditions = optional(list(object({ expression = string, title = string, description = optional(string) }))) })) | [] | no |
| service_account_iam_member_roles | List of project IAM member roles to attach to the Service Account. | list(object({ role = string, member = string })) | [] | no |
| storage_bucket_iam_members | List of Storage bucket IAM member roles to attach to the Service Account. | list(object({ role = string, bucket = string, conditions = optional(list(object({ expression = string, title = string, description = optional(string) }))) })) | [] | no |
| workload_identity_user | Whether to attach the roles/iam.workloadIdentityUser Service Account IAM member to the Google Service Account. | bool | false | no |
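The inputs above combined into a least-privilege configuration, as an added example that is not part of the module's README: it uses storage_bucket_iam_members with a concrete IAM condition instead of a project-wide storage role. Project, bucket, namespace and account names are placeholders, and reading `.email` from the service_account output assumes that output exposes the attributes of google_service_account.

```hcl
# Added example, not the module authors' code. All names are placeholders.
module "report_writer" {
  source  = "blackbird-cloud/service-account/google"
  version = "~> 1"

  account_id   = "report-writer" # lowercase, max 30 chars
  display_name = "Report writer"
  description  = "Writes daily reports; bound to the reporting/report-writer KSA."
  project      = "my-project"

  # Attach roles/iam.workloadIdentityUser for exactly one
  # Kubernetes namespace / service account pair.
  workload_identity_user          = true
  kubernetes_namespace            = "reporting"
  kubernetes_service_account_name = "report-writer"

  # Project-level grant kept to a single narrow role.
  project_iam_member_roles = [
    {
      role    = "roles/pubsub.publisher"
      project = "my-project"
    },
  ]

  # Bucket-level grant instead of a project-level storage role,
  # limited to one object prefix by an IAM condition (CEL).
  storage_bucket_iam_members = [
    {
      role   = "roles/storage.objectCreator"
      bucket = "my-reports-bucket"
      conditions = [{
        title       = "reports-prefix-only"
        description = "Restrict writes to objects under reports/"
        expression  = "resource.name.startsWith(\"projects/_/buckets/my-reports-bucket/objects/reports/\")"
      }]
    },
  ]

  service_account_iam_member_roles = []
}

# Assumption: the output carries the google_service_account attributes.
output "report_writer_email" {
  value = module.report_writer.service_account.email
}
```

IAM conditions on a bucket require uniform bucket-level access to be enabled on that bucket. On the cluster side, the Kubernetes Service Account is annotated with `iam.gke.io/gcp-service-account` set to the email output above.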

Outputs

| Name | Description |
|------|-------------|
| service_account | The created Google Service Account. |

About

We are Blackbird Cloud, an Amsterdam-based cloud consultancy and cloud management service provider. We help companies build secure, cost-efficient, and scalable solutions.

Check out our other 👉 Terraform modules

Copyright

Copyright © 2017-2024 Blackbird Cloud
