From 36160943f30873818f9ec258aec3fb92e8be0707 Mon Sep 17 00:00:00 2001 From: James Turley Date: Fri, 10 Nov 2017 19:07:05 +0000 Subject: [PATCH] Correction and clarification of service_account_key docs (#721) * Clarify acceptable inputs for pgp_argument in service_account_key docs * Correct the key_algorithm argument docs on service_account_key --- website/docs/r/google_service_account_key.html.markdown | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/website/docs/r/google_service_account_key.html.markdown b/website/docs/r/google_service_account_key.html.markdown index 3e94d3da..f85ae030 100644 --- a/website/docs/r/google_service_account_key.html.markdown +++ b/website/docs/r/google_service_account_key.html.markdown @@ -46,14 +46,19 @@ The following arguments are supported: * `service_account_id` - (Required) The Service account id of the Key Pair. -* `key_algorithm` - (Optional) The output format of the private key. GOOGLE_CREDENTIALS_FILE is the default output format. Valid values are listed at [ServiceAccountPrivateKeyType](https://cloud.google.com/iam/reference/rest/v1/projects.serviceAccounts.keys#ServiceAccountPrivateKeyType) (only used on create) +* `key_algorithm` - (Optional) The algorithm used to generate the key. KEY_ALG_RSA_2048 is the default algorithm. +Valid values are listed at +[ServiceAccountPrivateKeyType](https://cloud.google.com/iam/reference/rest/v1/projects.serviceAccounts.keys#ServiceAccountKeyAlgorithm) +(only used on create) * `public_key_type` (Optional) The output format of the public key requested. X509_PEM is the default output format. * `private_key_type` (Optional) The output format of the private key. GOOGLE_CREDENTIALS_FILE is the default output format. * `pgp_key` – (Optional) An optional PGP key to encrypt the resulting private -key material. Only used when creating or importing a new key pair +key material. Only used when creating or importing a new key pair. May either be +a base64-encoded public key or a `keybase:keybaseusername` string for looking up +in Vault. ~> **NOTE:** a PGP key is not required, however it is strongly encouraged. Without a PGP key, the private key material will be stored in state unencrypted.