feat: Enable multiple display name #99

Closed
2 changes: 2 additions & 0 deletions README.md
Expand Up @@ -47,6 +47,7 @@ Functional examples are included in the
| description | Default description of the created service accounts (defaults to no description) | `string` | `""` | no |
| descriptions | List of descriptions for the created service accounts (elements default to the value of `description`) | `list(string)` | `[]` | no |
| display\_name | Display names of the created service accounts (defaults to 'Terraform-managed service account') | `string` | `"Terraform-managed service account"` | no |
| display\_names | List of display\_names for the created service accounts (elements default to the value of `display_name`) | `list(string)` | `[]` | no |
| generate\_keys | Generate keys for service accounts. | `bool` | `false` | no |
| grant\_billing\_role | Grant billing user role. | `bool` | `false` | no |
| grant\_xpn\_roles | Grant roles for shared VPC management. | `bool` | `true` | no |
Expand All @@ -60,6 +61,7 @@ Functional examples are included in the

| Name | Description |
|------|-------------|
| display\_names | display names variable. |
| email | Service account email (for single use). |
| emails | Service account emails by name. |
| emails\_list | Service account emails as list. |
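Review bot: the new `display_names` output row describes itself only as "display names variable.", which does not tell a caller what the output holds. State whether it is the list as passed in or the display names actually applied to each account (including the `display_name` fallback), and in what order relative to `names`.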
2 changes: 1 addition & 1 deletion examples/multiple_service_accounts/main.tf
Expand Up @@ -22,7 +22,7 @@ module "service_accounts" {
prefix = ""
names = ["test-first", "test-second"]
generate_keys = true
display_name = "Test Service Accounts"
display_names = ["Test Service Accounts first", "Test Service Accounts second"]
description = "Test Service Accounts description"

project_roles = [
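Review bot: replacing `display_name` with a two-element `display_names` for two `names` means this example no longer exercises the fallback to `display_name`. Consider keeping `display_name` and passing a `display_names` list shorter than `names`, so the integration test covers both the per-account value and the default.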
2 changes: 1 addition & 1 deletion main.tf
Expand Up @@ -37,7 +37,7 @@ locals {
resource "google_service_account" "service_accounts" {
for_each = local.names
account_id = "${local.prefix}${lower(each.value)}"
display_name = var.display_name
display_name = index(var.names, each.value) >= length(var.display_names) ? var.display_name : element(var.display_names, index(var.names, each.value))
description = index(var.names, each.value) >= length(var.descriptions) ? var.description : element(var.descriptions, index(var.names, each.value))
project = var.project_id
}
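Review bot: in the new `display_name` expression, `index(var.names, each.value)` is evaluated twice and the line duplicates the `description` logic below it, so the label each account gets depends entirely on list position. Reordering `names`, or inserting an entry without touching `display_names`, silently relabels existing accounts, which matters when the display name is what reviewers read in IAM listings. Consider computing the index once in `locals` and indexing directly rather than through `element()` (which wraps around if the length guard is ever dropped), or accepting a map keyed by account name.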
5 changes: 5 additions & 0 deletions test/integration/multiple_service_accounts/controls/gcp.rb
Expand Up @@ -30,4 +30,9 @@
end
end

attribute('display_names').each do |display_name|
describe google_service_accounts(project: "#{attribute('project_id')}") do
its('service_account_display_names'){ should include display_name }
end
end
end
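Review bot: the new `display_names` loop only asserts that each value appears somewhere in the project-wide `service_account_display_names` list, so it passes even if the two display names are attached to the wrong accounts or an unrelated account in the project carries the same label. Assert per account instead, pairing each created account with its expected display name, for example with the singular `google_service_account` resource and `its('display_name')`. The `"#{attribute('project_id')}"` interpolation can be plain `attribute('project_id')`.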
3 changes: 3 additions & 0 deletions test/integration/multiple_service_accounts/inspec.yml
Expand Up @@ -30,3 +30,6 @@ attributes:
- name: iam_emails
required: true
type: hash
- name: display_names
required: true
type: array
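Review bot: `display_names` is added as `required: true`, but none of the hunks shown here add a `display_names` output to the module, the example, or the test fixture that feeds these attributes. Without that wiring the profile will stop on a missing required attribute instead of running the new control; include the corresponding output definitions in this PR.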
6 changes: 6 additions & 0 deletions variables.tf
Expand Up @@ -73,6 +73,12 @@ variable "display_name" {
default = "Terraform-managed service account"
}

variable "display_names" {
type = list(string)
description = "List of display_names for the created service accounts (elements default to the value of `display_name`)"
default = []
}

variable "description" {
type = string
description = "Default description of the created service accounts (defaults to no description)"
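Review bot: the `display_names` description says elements default to `display_name` but not that entries are matched to `names` by position, and nothing rejects a list longer than `names`, whose extra entries are never read by the lookup in `main.tf`. Add "in the same order as `names`" to the description and consider a length check so a mismatch fails at plan time instead of producing mislabelled accounts.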