github.com/vtorhonen/terraform@v0.9.0-beta2.0.20170307220345-5d894e4ffda7/website/source/docs/providers/google/r/google_service_account.html.markdown

github.com/vtorhonen/terraform@v0.9.0-beta2.0.20170307220345-5d894e4ffda7/website/source/docs/providers/google/r/google_service_account.html.markdown (about)

     1  ---
     2  layout: "google"
     3  page_title: "Google: google_service_account"
     4  sidebar_current: "docs-google-service-account"
     5  description: |-
     6   Allows management of a Google Cloud Platform service account.
     7  ---
     8  
     9  # google\_service\_account
    10  
    11  Allows management of a [Google Cloud Platform service account](https://cloud.google.com/compute/docs/access/service-accounts)
    12  
    13  ## Example Usage
    14  
    15  This snippet creates a service account, then gives it objectViewer
    16  permission in a project.
    17  
    18  ```js
    19  resource "google_service_account" "object_viewer" {
    20    account_id   = "object-viewer"
    21    display_name = "Object viewer"
    22  }
    23  
    24  resource "google_project" "my_project" {
    25    id          = "your-project-id"
    26    policy_data = "${data.google_iam_policy.admin.policy_data}"
    27  }
    28  
    29  data "google_iam_policy" "admin" {
    30    binding {
    31      role = "roles/storage.objectViewer"
    32  
    33      members = [
    34        "serviceAccount:${google_service_account.object_viewer.email}",
    35      ]
    36    }
    37  }
    38  ```
    39  
    40  ## Argument Reference
    41  
    42  The following arguments are supported:
    43  
    44  * `account_id` - (Required) The service account ID.
    45      Changing this forces a new service account to be created.
    46  
    47  * `display_name` - (Optional) The display name for the service account.
    48      Can be updated without creating a new resource.
    49  
    50  * `project` - (Optional) The project that the service account will be created in.
    51      Defaults to the provider project configuration.
    52  
    53  * `policy_data` - (Optional) The `google_iam_policy` data source that represents
    54      the IAM policy that will be applied to the service account. The policy will be
    55      merged with any existing policy.
    56  
    57      Changing this updates the policy.
    58  
    59      Deleting this removes the policy declared in Terraform. Any policy bindings
    60      associated with the project before Terraform was used are not deleted.
    61  
    62  ## Attributes Reference
    63  
    64  In addition to the arguments listed above, the following computed attributes are
    65  exported:
    66  
    67  * `email` - The e-mail address of the service account. This value
    68      should be referenced from any `google_iam_policy` data sources
    69      that would grant the service account privileges.
    70  
    71  * `name` - The fully-qualified name of the service account.
    72  
    73  * `unique_id` - The unique id of the service account.