|
|
@ -18,6 +18,11 @@ variable "k8s_service_account" {
|
|
|
|
type = string
|
|
|
|
type = string
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
output "service_account" {
|
|
|
|
|
|
|
|
description = "The google_service_account that has been bound to the kubernetes service account."
|
|
|
|
|
|
|
|
value = google_service_account.service_account
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
resource "google_service_account" "service_account" {
|
|
|
|
resource "google_service_account" "service_account" {
|
|
|
|
account_id = "wi-${var.k8s_namespace}-${var.k8s_service_account}"
|
|
|
|
account_id = "wi-${var.k8s_namespace}-${var.k8s_service_account}"
|
|
|
|
display_name = "Workload identity account for GKE [${var.k8s_namespace}/${var.k8s_service_account}]"
|
|
|
|
display_name = "Workload identity account for GKE [${var.k8s_namespace}/${var.k8s_service_account}]"
|
|
|
|