Allows creation of service accounts for a Google Cloud Platform project.
```yaml
- id: service_acct
  source: community/modules/project/service-account
  settings:
    project_id: $(vars.project_id)
    names: [ "instance_acct" ]
    project_roles: [
      "roles/viewer",
      "roles/storage.objectViewer",
    ]
```
This creates a service account in GCP project "project_id" with the name "instance_acct". It will have the two roles "viewer" and "storage.objectViewer".
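The following is an added example, not part of this module or its original README: a pre-deployment review of one module block's settings against least-privilege expectations. The defaults are taken from the inputs table on this page; the function name, the finding messages and the `my-project` placeholder are assumptions made for illustration.

```python
# Added example: review the settings of a service-account module block
# before deployment. Defaults mirror this page's inputs table.
DEFAULTS = {
    "generate_keys": False,
    "grant_billing_role": False,
    "grant_xpn_roles": True,
    "project_roles": [],
}

# IAM basic roles: project-wide and much broader than predefined roles.
BASIC_ROLES = {"roles/owner", "roles/editor", "roles/viewer"}


def review_settings(settings):
    """Return a list of (setting, message) findings for one module block."""
    effective = {**DEFAULTS, **settings}
    findings = []
    for role in effective["project_roles"]:
        if role in BASIC_ROLES:
            findings.append(("project_roles",
                             f"{role} is a basic role; prefer a predefined or custom role"))
    if effective["generate_keys"]:
        findings.append(("generate_keys",
                         "creates long-lived key material that ends up in Terraform state"))
    if effective["grant_billing_role"]:
        findings.append(("grant_billing_role", "billing user role is granted"))
    if "grant_xpn_roles" not in settings:
        findings.append(("grant_xpn_roles",
                         "left at default true; set false unless shared VPC management is needed"))
    return findings


# Constructed inputs: the example from this page, then a tightened variant.
PAGE_EXAMPLE = {
    "project_id": "my-project",  # placeholder value
    "names": ["instance_acct"],
    "project_roles": ["roles/viewer", "roles/storage.objectViewer"],
}
TIGHTENED = {
    "project_id": "my-project",  # placeholder value
    "names": ["instance_acct"],
    "project_roles": ["roles/storage.objectViewer"],
    "grant_xpn_roles": False,
}

if __name__ == "__main__":
    for label, block in (("page example", PAGE_EXAMPLE), ("tightened", TIGHTENED)):
        print(label, review_settings(block))
```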
Copyright 2022 Google LLC
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Name | Version |
---|---|
terraform | >= 0.14.0 |
No providers.
Name | Source | Version |
---|---|---|
service_accounts | terraform-google-modules/service-accounts/google | ~> 4.1 |
No resources.
Name | Description | Type | Default | Required |
---|---|---|---|---|
billing_account_id | If assigning billing role, specify a billing account (default is to assign at the organizational level). | string | "" | no |
description | Default description of the created service accounts (defaults to no description). | string | "" | no |
descriptions | List of descriptions of the created service accounts (elements default to the value of description). | list(string) | [] | no |
display_name | Display names of the created service accounts. | string | "" | no |
generate_keys | Generate keys for service accounts. | bool | false | no |
grant_billing_role | Grant billing user role. | bool | false | no |
grant_xpn_roles | Grant roles for shared VPC management. | bool | true | no |
names | Names of the service accounts to create. | list(string) | [] | no |
org_id | ID of the organization for org-level roles. | string | "" | no |
prefix | Prefix applied to service account names. | string | "" | no |
project_id | ID of the project. | string | n/a | yes |
project_roles | List of roles to apply to created service accounts. | list(string) | n/a | yes |
Name | Description |
---|---|
email | Service account email (for single use). |
emails | Service account emails by name. |
emails_list | Service account emails as list. |
iam_email | IAM-format service account email (for single use). |
iam_emails | IAM-format service account emails by name. |
iam_emails_list | IAM-format service account emails as list. |
key | Service account key (for single use). |
keys | Map of service account keys. |
service_account | Service account resource (for single use). |
service_accounts | Service account resources as list. |
service_accounts_map | Service account resources by name. |