This is a Terraform module that creates the Workload Identity binding with a Kubernetes (k8s) service account.
It creates the following resources using Terraform.
```
├── CODEOWNERS
├── CONTRIBUTING.md
├── LICENSE
├── Makefile
├── README.md
├── main.tf
├── output.tf
├── version.tf
├── Terraform-docs.md
└── variable.tf
```
The module takes the following variables. Some have defaults, which are used when no value is specified.
```hcl
variable "project_id" {}
variable "service_account_name" {}
variable "service_account_display_name" {}
variable "enable_kubernetes_service_account" {}
variable "namespace" {}
variable "kubernetes_service_account" {}
variable "automount_service_account_token" {}
```
For a detailed description of each variable, refer to variable.tf.
Below is an example usage of this module.

```hcl
module "k8s_workload_identity" {
  source                       = "git@github.com:ultimateai/terraform-workload-identity-k8s.git?ref=V1.0.0"
  project_id                   = "my-gcp-project-name"
  service_account_name         = "my-gcp-service-account-name"
  service_account_display_name = "my-gcp-service-account-display-name"
  kubernetes_service_account   = "my-k8s-service-account-name"
  # String values must be quoted; a bare `default` is parsed as a reference.
  namespace                    = "default"
}
```
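
For orientation, here is a sketch of the resources a Workload Identity binding on GKE consists of. It is an added example, not this module's `main.tf`. It reuses the variable names listed above, but the variable types, the resource labels (`gsa`, `workload_identity`, `ksa`) and the use of `enable_kubernetes_service_account` as a creation toggle are assumptions.

```hcl
# Added sketch; not the module's main.tf. Variable names are the ones listed
# above; their types and the use of the enable flag are assumptions.
variable "project_id" { type = string }
variable "service_account_name" { type = string }
variable "service_account_display_name" { type = string }
variable "namespace" { type = string }
variable "kubernetes_service_account" { type = string }
variable "enable_kubernetes_service_account" { type = bool }
variable "automount_service_account_token" { type = bool }

# Google service account (GSA) that the workload will act as.
resource "google_service_account" "gsa" {
  project      = var.project_id
  account_id   = var.service_account_name
  display_name = var.service_account_display_name
}

# The binding itself: only the named KSA in the named namespace is allowed
# to impersonate the GSA through the project's workload identity pool.
resource "google_service_account_iam_member" "workload_identity" {
  service_account_id = google_service_account.gsa.name
  role               = "roles/iam.workloadIdentityUser"
  member             = "serviceAccount:${var.project_id}.svc.id.goog[${var.namespace}/${var.kubernetes_service_account}]"
}

# Kubernetes service account (KSA), annotated with the GSA it maps to.
# Assumption: the flag decides whether this module creates the KSA.
resource "kubernetes_service_account" "ksa" {
  count = var.enable_kubernetes_service_account ? 1 : 0

  metadata {
    name      = var.kubernetes_service_account
    namespace = var.namespace
    annotations = {
      "iam.gke.io/gcp-service-account" = google_service_account.gsa.email
    }
  }

  automount_service_account_token = var.automount_service_account_token
}
```

The `member` string is what scopes the trust: any pod running under that KSA in that namespace can obtain tokens for the GSA, so the roles granted to the GSA should be limited to what that workload needs.
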
Purpose | Name | Reference |
---|---|---|
Documentation | terraform-docs | https://github.com/terraform-docs/terraform-docs |
Code Formatting | terraform fmt | https://www.terraform.io/docs/commands/fmt.html |
Validation | terraform validate | https://www.terraform.io/docs/commands/validate.html |
Linting | tflint | https://github.com/terraform-linters/tflint |
Security | tfsec | https://github.com/tfsec/tfsec https://www.tfsec.dev/docs/home/ |
k8s Workload Identity | k8s Workload Identity | https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity |