talexander/infra_snippets
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Add a cloudsql username output from the workload identity module.

Browse Source
This commit is contained in:
Tom Alexander 2021-07-18 18:45:27 -04:00
parent 5945ad86a8
commit 78b497783b
Signed by: talexander
GPG Key ID: D3A179C9A53C0EDE
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
terraform/modules/workload_identity_account/workload_identity_account.tf
View File

@ -23,6 +23,11 @@ output "service_account" {
value = google_service_account.service_account value = google_service_account.service_account
} }
output "cloudsql_username" {
description = "If this service account is to be used with IAM database authentication, this would be the username for the user. Note that the google_sql_user is not created by this module."
value = trimsuffix(google_service_account.service_account.email, ".gserviceaccount.com")
}
resource "google_service_account" "service_account" { resource "google_service_account" "service_account" {
account_id = "wi-${var.k8s_namespace}-${var.k8s_service_account}" account_id = "wi-${var.k8s_namespace}-${var.k8s_service_account}"
display_name = "Workload identity account for GKE [${var.k8s_namespace}/${var.k8s_service_account}]" display_name = "Workload identity account for GKE [${var.k8s_namespace}/${var.k8s_service_account}]"