Merge pull request #8431 from sairez/sairez/google-instance-template-custom-service-account
provider/google: Allow custom Compute Engine service account in instance template
This commit is contained in:
commit
78481341f6
|
@ -272,12 +272,14 @@ func resourceComputeInstanceTemplate() *schema.Resource {
|
||||||
|
|
||||||
"service_account": &schema.Schema{
|
"service_account": &schema.Schema{
|
||||||
Type: schema.TypeList,
|
Type: schema.TypeList,
|
||||||
|
MaxItems: 1,
|
||||||
Optional: true,
|
Optional: true,
|
||||||
ForceNew: true,
|
ForceNew: true,
|
||||||
Elem: &schema.Resource{
|
Elem: &schema.Resource{
|
||||||
Schema: map[string]*schema.Schema{
|
Schema: map[string]*schema.Schema{
|
||||||
"email": &schema.Schema{
|
"email": &schema.Schema{
|
||||||
Type: schema.TypeString,
|
Type: schema.TypeString,
|
||||||
|
Optional: true,
|
||||||
Computed: true,
|
Computed: true,
|
||||||
ForceNew: true,
|
ForceNew: true,
|
||||||
},
|
},
|
||||||
|
@ -543,8 +545,13 @@ func resourceComputeInstanceTemplateCreate(d *schema.ResourceData, meta interfac
|
||||||
scopes = append(scopes, canonicalizeServiceScope(scope))
|
scopes = append(scopes, canonicalizeServiceScope(scope))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
email := "default"
|
||||||
|
if v := d.Get(prefix + ".email"); v != nil {
|
||||||
|
email = v.(string)
|
||||||
|
}
|
||||||
|
|
||||||
serviceAccount := &compute.ServiceAccount{
|
serviceAccount := &compute.ServiceAccount{
|
||||||
Email: "default",
|
Email: email,
|
||||||
Scopes: scopes,
|
Scopes: scopes,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -150,7 +150,7 @@ The following arguments are supported:
|
||||||
* `scheduling` - (Optional) The scheduling strategy to use. More details about
|
* `scheduling` - (Optional) The scheduling strategy to use. More details about
|
||||||
this configuration option are detailed below.
|
this configuration option are detailed below.
|
||||||
|
|
||||||
* `service_account` - (Optional) Service account to attach to the instance.
|
* `service_account` - (Optional) Service account to attach to the instance. Structure is documented below.
|
||||||
|
|
||||||
* `tags` - (Optional) Tags to attach to the instance.
|
* `tags` - (Optional) Tags to attach to the instance.
|
||||||
|
|
||||||
|
@ -214,6 +214,9 @@ The `access_config` block supports:
|
||||||
|
|
||||||
The `service_account` block supports:
|
The `service_account` block supports:
|
||||||
|
|
||||||
|
* `email` - (Optional) The service account e-mail address. If not given, the
|
||||||
|
default Google Compute Engine service account is used.
|
||||||
|
|
||||||
* `scopes` - (Required) A list of service scopes. Both OAuth2 URLs and gcloud
|
* `scopes` - (Required) A list of service scopes. Both OAuth2 URLs and gcloud
|
||||||
short names are supported.
|
short names are supported.
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue