add Service accounts as assets

Author: LittleSalkin1806

providers/gcp/config/config.go

@@ -67,6 +67,7 @@ Examples with the GCP project configured:
 				resources.DiscoverDataprocClusters,
 				resources.DiscoverLoggingBuckets,
 				resources.DiscoverApiKeys,
+				resources.DiscoverIamServiceAccounts,
 			},
 			Flags: []plugin.Flag{
 				{

providers/gcp/connection/platform.go

@@ -148,6 +148,8 @@ func GetTitleForPlatformName(name string) string {
 		return "GCP Logging Bucket"
 	case "gcp-apikey":
 		return "GCP API Key"
+	case "gcp-iam-service-account":
+		return "GCP IAM Service Account"
 	}
 	return "Google Cloud Platform"
 }
@@ -265,6 +267,13 @@ func ResourceTechnologyUrl(service, project, region, objectType, name string) []
 		default:
 			return []string{"gcp", project, "apikeys", region, "other"}
 		}
+	case "iam":
+		switch objectType {
+		case "service-account":
+			return []string{"gcp", project, "iam", region, "service-account"}
+		default:
+			return []string{"gcp", project, "iam", region, "other"}
+		}
 	default:
 		return []string{"gcp", project, "other"}
 	}

providers/gcp/resources/discovery.go

@@ -57,6 +57,7 @@ const (
 	DiscoverDataprocClusters        = "dataproc-clusters"
 	DiscoverLoggingBuckets          = "logging-buckets"
 	DiscoverApiKeys                 = "apikeys"
+	DiscoverIamServiceAccounts      = "iam-service-accounts"
 )
 
 var All = []string{
@@ -98,6 +99,7 @@ var Auto = []string{
 	DiscoverDataprocClusters,
 	DiscoverLoggingBuckets,
 	DiscoverApiKeys,
+	DiscoverIamServiceAccounts,
 }
 
 var AllAPIResources = []string{
@@ -126,6 +128,7 @@ var AllAPIResources = []string{
 	DiscoverDataprocClusters,
 	DiscoverLoggingBuckets,
 	DiscoverApiKeys,
+	DiscoverIamServiceAccounts,
 }
 
 // List of all CloudSQL types, this will be used during discovery
@@ -1133,6 +1136,35 @@ func discoverProject(conn *connection.GcpConnection, gcpProject *mqlGcpProject,
 		}
 	}
 
+	if stringx.ContainsAnyOf(discoveryTargets, DiscoverIamServiceAccounts) {
+		iamSvc := gcpProject.GetIam()
+		if iamSvc.Error != nil {
+			return nil, iamSvc.Error
+		}
+		sas := iamSvc.Data.GetServiceAccounts()
+		if sas.Error != nil {
+			return nil, sas.Error
+		}
+		for i := range sas.Data {
+			sa := sas.Data[i].(*mqlGcpProjectIamServiceServiceAccount)
+			assetList = append(assetList, &inventory.Asset{
+				PlatformIds: []string{
+					connection.NewResourcePlatformID("iam", gcpProject.Id.Data, "global", "service-account", sa.UniqueId.Data),
+				},
+				Name: sa.Email.Data,
+				Platform: &inventory.Platform{
+					Name:                  "gcp-iam-service-account",
+					Title:                 connection.GetTitleForPlatformName("gcp-iam-service-account"),
+					Runtime:               "gcp",
+					Kind:                  "gcp-object",
+					Family:                []string{"google"},
+					TechnologyUrlSegments: connection.ResourceTechnologyUrl("iam", gcpProject.Id.Data, "global", "service-account", sa.UniqueId.Data),
+				},
+				Connections: []*inventory.Config{conn.Conf.Clone(inventory.WithoutDiscovery(), inventory.WithParentConnectionId(conn.Conf.Id))},
+			})
+		}
+	}
+
 	return assetList, nil
 }