zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
cloud-foundation-fabric/blueprints/cloud-operations/terraform-enterprise-wif/tfc-workflow-using-wif/tfc-oidc
History
Julio Castillo 08f2540872 Bump provider version 2023-02-07 15:59:29 +01:00
..
README.md Fix tests 2022-12-18 20:37:16 +01:00
get_audience.sh feat(blueprints): get audience from tfc environment 2022-12-05 15:50:35 +01:00
main.tf feat(blueprints): get audience from tfc environment 2022-12-05 15:50:35 +01:00
outputs.tf feat(blueprints): get audience from tfc environment 2022-12-05 15:50:35 +01:00
variables.tf feat(blueprints): get audience from tfc environment 2022-12-05 15:50:35 +01:00
versions.tf Bump provider version 2023-02-07 15:59:29 +01:00
write_token.sh feat: TFE OIDC with GCP WIF blueprint added. 2022-10-25 13:04:27 +02:00

README.md

Terraform Enterprise OIDC Credential for GCP Workload Identity Federation

This is a helper module to prepare GCP Credentials from Terraform Enterprise workload identity token. For more information see Terraform Enterprise Workload Identity Federation blueprint.

Example

module "tfe_oidc" {
  source = "./tfc-oidc"

  impersonate_service_account_email = "tfe-test@tfe-test-wif.iam.gserviceaccount.com"
}

provider "google" {
  credentials = module.tfe_oidc.credentials
}

provider "google-beta" {
  credentials = module.tfe_oidc.credentials
}

# tftest skip

Variables

name description type required default
impersonate_service_account_email Service account to be impersonated by workload identity federation. string
tmp_oidc_token_path Name of the temporary file where TFC OIDC token will be stored to authentificate terraform provider google. string ".oidc_token"

Outputs

name description sensitive
credentials Credentials in format to pass the to gcp provider.