You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
30 lines
870 B
HCL
30 lines
870 B
HCL
# Requires a google_iam_workload_identity_pool to exist, but it is not
|
|
# referenced in this module.
|
|
|
|
|
|
variable "project" {
|
|
description = "Project ID."
|
|
type = string
|
|
}
|
|
|
|
variable "k8s_namespace" {
|
|
description = "Name of the kubernetes namespace containing the service account."
|
|
type = string
|
|
default = "default"
|
|
}
|
|
|
|
variable "k8s_service_account" {
|
|
description = "Service account name from kubernetes."
|
|
type = string
|
|
}
|
|
|
|
output "service_account" {
|
|
description = "The google_service_account that has been bound to the kubernetes service account."
|
|
value = google_service_account.service_account
|
|
}
|
|
|
|
resource "google_service_account" "service_account" {
|
|
account_id = "wi-${var.k8s_namespace}-${var.k8s_service_account}"
|
|
display_name = "Workload identity account for GKE [${var.k8s_namespace}/${var.k8s_service_account}]"
|
|
}
|