2023-02-18 15:51:49 -08:00
# GCP Workload Identity Provider for Terraform Cloud Dynamic Credentials
2022-10-25 04:04:27 -07:00
2023-02-18 15:51:49 -08:00
This terraform code is a part of [GCP Workload Identity Federation for Terraform Cloud ](../ ) blueprint.
2022-10-25 04:04:27 -07:00
The codebase provisions the following list of resources:
2023-02-18 15:51:49 -08:00
- (optional) GCP Project
- IAM Service Account
- Workload Identity Pool
- Workload Identity Provider
- IAM Permissins
2022-10-25 04:04:27 -07:00
<!-- BEGIN TFDOC -->
## Variables
| name | description | type | required | default |
|---|---|:---:|:---:|:---:|
| [billing_account ](variables.tf#L16 ) | Billing account id used as default for new projects. | < code > string</ code > | ✓ | |
2022-10-28 08:26:52 -07:00
| [project_id ](variables.tf#L43 ) | Existing project id. | < code > string</ code > | ✓ | |
2023-02-18 15:51:49 -08:00
| [tfc_organization_id ](variables.tf#L48 ) | TFC organization id. | < code > string</ code > | ✓ | |
| [tfc_workspace_id ](variables.tf#L53 ) | TFC workspace id. | < code > string</ code > | ✓ | |
| [issuer_uri ](variables.tf#L21 ) | Terraform Cloud/Enterprise uri. Replace the uri if a self hosted instance is used. | < code > string</ code > | | < code > " https:// app.terraform.io/" </ code > |
2022-10-25 04:04:27 -07:00
| [parent ](variables.tf#L27 ) | Parent folder or organization in 'folders/folder_id' or 'organizations/org_id' format. | < code > string</ code > | | < code > null</ code > |
2022-10-28 08:26:52 -07:00
| [project_create ](variables.tf#L37 ) | Create project instead of using an existing one. | < code > bool</ code > | | < code > true</ code > |
2023-02-18 15:51:49 -08:00
| [workload_identity_pool_id ](variables.tf#L58 ) | Workload identity pool id. | < code > string</ code > | | < code > " tfc-pool" </ code > |
| [workload_identity_pool_provider_id ](variables.tf#L64 ) | Workload identity pool provider id. | < code > string</ code > | | < code > " tfc-provider" </ code > |
2022-10-25 04:04:27 -07:00
## Outputs
| name | description | sensitive |
|---|---|:---:|
2023-02-18 15:51:49 -08:00
| [project_id ](outputs.tf#L15 ) | GCP Project ID. | |
| [tfc_workspace_wariables ](outputs.tf#L20 ) | Variables to be set on the TFC workspace. | |
2022-10-25 04:04:27 -07:00
<!-- END TFDOC -->
2023-02-08 12:42:15 -08:00
## Test
```hcl
module "test" {
2023-02-24 10:02:24 -08:00
source = "./fabric/blueprints/cloud-operations/terraform-cloud-dynamic-credentials/gcp-workload-identity-provider"
2023-02-08 12:42:15 -08:00
billing_account = "1234-ABCD-1234"
project_create = true
project_id = "project-1"
parent = "folders/12345"
2023-02-24 10:02:24 -08:00
tfc_organization_id = "org-123"
tfc_workspace_id = "ws-123"
2023-02-08 12:42:15 -08:00
workload_identity_pool_id = "tfe-pool"
workload_identity_pool_provider_id = "tf-provider"
issuer_uri = "https://app.terraform.io/"
}
# tftest modules=3 resources=12
```
