ea77a3fe04
Service accounts do not have a field named `id`, but they have a few fields with `Id` in the name. This clarifies what terraform actually needs.
1.8 KiB
| layout | page_title | sidebar_current | description |
|---|---|---|---|
| Google: google_service_account | docs-google-datasource-service-account | Get the service account from a project. |
google_service_account
Get the service account from a project. For more information see the official API documentation.
Example Usage
data "google_service_account" "object_viewer" {
account_id = "object-viewer"
}
Example Usage, save key in Kubernetes secret
data "google_service_account" "myaccount" {
account_id = "myaccount-id"
}
resource "google_service_account_key" "mykey" {
service_account_id = "${data.google_service_account.myaccount.name}"
}
resource "kubernetes_secret" "google-application-credentials" {
metadata = {
name = "google-application-credentials"
}
data {
credentials.json = "${base64decode(google_service_account_key.mykey.private_key)}"
}
Argument Reference
The following arguments are supported:
-
account_id- (Required) The Service account id. (This is the part of the service account's email field that comes before the @ symbol.) -
project- (Optional) The ID of the project that the service account will be created in. Defaults to the provider project configuration.
Attributes Reference
In addition to the arguments listed above, the following computed attributes are exported:
-
email- The e-mail address of the service account. This value should be referenced from anygoogle_iam_policydata sources that would grant the service account privileges. -
unique_id- The unique id of the service account. -
name- The fully-qualified name of the service account. -
display_name- The display name for the service account.