zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
cloud-foundation-fabric/blueprints/cloud-operations/terraform-enterprise-wif/tfc-workflow-using-wif/tfc-oidc/README.md

1.2 KiB
Raw Blame History

Terraform Enterprise OIDC Credential for GCP Workload Identity Federation

This is a helper module to prepare GCP Credentials from Terraform Enterprise workload identity token. For more information see Terraform Enterprise Workload Identity Federation blueprint.

Example

module "tfe_oidc" {
  source = "./tfc-oidc"

  impersonate_service_account_email = "tfe-test@tfe-test-wif.iam.gserviceaccount.com"
}

provider "google" {
  credentials = module.tfe_oidc.credentials
}

provider "google-beta" {
  credentials = module.tfe_oidc.credentials
}

# tftest skip

Variables

name description type required default
impersonate_service_account_email Service account to be impersonated by workload identity federation. string
tmp_oidc_token_path Name of the temporary file where TFC OIDC token will be stored to authentificate terraform provider google. string ".oidc_token"

Outputs

name description sensitive
credentials Credentials in format to pass the to gcp provider.