GCP Workload Identity Provider for Terraform Cloud Dynamic Credentials
This Terraform code is part of the GCP Workload Identity Federation for Terraform Cloud blueprint.
The codebase provisions the following list of resources:
- (optional) GCP Project
- IAM Service Account
- Workload Identity Pool
- Workload Identity Provider
- IAM Permissions
Variables
| name | description | type | required | default |
|---|---|---|---|---|
| billing_account | Billing account id used as default for new projects. | string | ✓ | |
| project_id | Existing project id. | string | ✓ | |
| tfc_organization_id | TFC organization id. | string | ✓ | |
| tfc_workspace_id | TFC workspace id. | string | ✓ | |
| issuer_uri | Terraform Cloud/Enterprise uri. Replace the uri if a self hosted instance is used. | string | | "https://app.terraform.io/" |
| parent | Parent folder or organization in 'folders/folder_id' or 'organizations/org_id' format. | string | | null |
| project_create | Create project instead of using an existing one. | bool | | true |
| workload_identity_pool_id | Workload identity pool id. | string | | "tfc-pool" |
| workload_identity_pool_provider_id | Workload identity pool provider id. | string | | "tfc-provider" |
Outputs
| name | description | sensitive |
|---|---|---|
| project_id | GCP Project ID. | |
| tfc_workspace_wariables | Variables to be set on the TFC workspace. | |
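
The sketch below is an added example, not the blueprint's own code. It shows how the resources listed above typically fit together and why tfc_organization_id and tfc_workspace_id are required: they scope which Terraform Cloud tokens the provider accepts and which workspace may impersonate the service account. Resource labels and the service account id are assumptions. The variable names and defaults are taken from the table.

```hcl
# Added sketch (not the blueprint's own code). Variable names and defaults are
# from the Variables table; resource labels and the account id are assumptions.
variable "project_id" { type = string }
variable "tfc_organization_id" { type = string }
variable "tfc_workspace_id" { type = string }
variable "issuer_uri" { default = "https://app.terraform.io/" }
variable "workload_identity_pool_id" { default = "tfc-pool" }
variable "workload_identity_pool_provider_id" { default = "tfc-provider" }

resource "google_iam_workload_identity_pool" "tfc" {
  project                   = var.project_id
  workload_identity_pool_id = var.workload_identity_pool_id
}

resource "google_iam_workload_identity_pool_provider" "tfc" {
  project                            = var.project_id
  workload_identity_pool_id          = google_iam_workload_identity_pool.tfc.workload_identity_pool_id
  workload_identity_pool_provider_id = var.workload_identity_pool_provider_id

  oidc {
    issuer_uri = var.issuer_uri
  }

  # Map only the TFC token claims that are used for access decisions.
  attribute_mapping = {
    "google.subject"                      = "assertion.sub"
    "attribute.terraform_organization_id" = "assertion.terraform_organization_id"
    "attribute.terraform_workspace_id"    = "assertion.terraform_workspace_id"
  }

  # Without a condition, any organization on the same issuer could exchange
  # tokens with this provider. Reject everything outside the given TFC org.
  attribute_condition = "attribute.terraform_organization_id == \"${var.tfc_organization_id}\""
}

resource "google_service_account" "tfc" {
  project    = var.project_id
  account_id = "sa-tfc" # assumed name
}

# Grant impersonation to a single workspace instead of the whole pool
# (a bare pool-wide principalSet would admit every workspace in the org).
resource "google_service_account_iam_member" "tfc_impersonation" {
  service_account_id = google_service_account.tfc.name
  role               = "roles/iam.workloadIdentityUser"
  member             = "principalSet://iam.googleapis.com/${google_iam_workload_identity_pool.tfc.name}/attribute.terraform_workspace_id/${var.tfc_workspace_id}"
}
```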