Generate service identity for a service.
To get more information about Service Identity, see:
data "google_project" "project" {}
resource "google_project_service_identity" "hc_sa" {
provider = google-beta
project = data.google_project.project.project_id
service = "healthcare.googleapis.com"
}
resource "google_project_iam_member" "hc_sa_bq_jobuser" {
project = data.google_project.project.project_id
role = "roles/bigquery.jobUser"
member = "serviceAccount:${google_project_service_identity.hc_sa.email}"
}
The following arguments are supported:
service
-
(Required)
The service to generate identity for.project
- (Optional) The ID of the project in which the resource belongs.
If it is not provided, the provider project is used.In addition to the arguments listed above, the following computed attributes are exported:
email
- The email address of the Google managed service account.This resource does not support import.
This resource provides the following Timeouts configuration options: configuration options:
create
- Default is 20 minutes.This resource supports User Project Overrides.