# Google Workload Identity Federation outputs
# Publishes the pool resource's `name` attribute. The separate
# `workload_identity_pool_id` output carries the pool ID instead.
output "workload_identity_pool_name" {
  description = "The full name of the Workload Identity Pool."
  value       = google_iam_workload_identity_pool.this.name
}
# Publishes the pool's `workload_identity_pool_id` attribute, as opposed to
# the `name` attribute exposed by `workload_identity_pool_name`.
output "workload_identity_pool_id" {
  description = "The ID of the Workload Identity Pool."
  value       = google_iam_workload_identity_pool.this.workload_identity_pool_id
}
# Publishes the provider's `workload_identity_pool_provider_id` attribute.
# The `workload_identity_provider` output carries the full resource path.
output "workload_identity_pool_provider_id" {
  description = "The ID of the Workload Identity Provider."
  value       = google_iam_workload_identity_pool_provider.this.workload_identity_pool_provider_id
}
# Publishes `local.workload_identity_provider`, which is computed outside this
# file. Per the description, this is the value handed to
# google-github-actions/auth.
# NOTE(review): this is an identifier, not a credential. What a workflow can do
# with it is presumably bounded by the provider's attribute condition and the
# IAM bindings on the service account; confirm both where they are defined.
output "workload_identity_provider" {
  description = "The full resource path of the Workload Identity Provider (for use with google-github-actions/auth)."
  value       = local.workload_identity_provider
}
# Publishes `local.sa_email`. The local is defined outside this file, so
# whether the account is created by the module or supplied by the caller is
# not visible here.
output "service_account_email" {
  description = "The email of the Service Account used."
  value       = local.sa_email
}
# Publishes `local.principal_sets`, the member value(s) the module uses in its
# IAM bindings.
# NOTE(review): the output name is singular while the local is plural; the
# value's type (string vs. collection) is not visible here, so confirm it.
# When auditing a deployment, check that this value is scoped to the intended
# repositories rather than to every identity in the pool.
output "principal_set" {
  description = "The principal sets string used for IAM bindings."
  value       = local.principal_sets
}
# Publishes `local.attribute_condition` so that consumers can inspect the
# condition applied to the provider.
# NOTE(review): for a GitHub OIDC provider this condition is what limits which
# tokens the provider accepts. Confirm where the local is built that it cannot
# end up empty or broader than the intended organisation/repositories.
output "attribute_condition" {
  description = "The attribute condition used for the Workload Identity Provider."
  value       = local.attribute_condition
}
# GitHub Actions variables outputs
# Map of GitHub Actions variable name => value. Each key is wrapped in
# parentheses so it is evaluated as an expression: the variable names come
# from the module's input variables rather than being literal keys.
# The values are the project ID, the service account email and the provider
# path. These are identifiers, not secret material.
output "github_actions_variables" {
  description = "The GitHub Actions variables created by this module."
  value = {
    (var.github_gcp_wif_project_id_variable_name)                 = data.google_project.project.project_id
    (var.github_gcp_wif_service_account_email_variable_name)      = local.sa_email
    (var.github_gcp_wif_workload_identity_provider_variable_name) = local.workload_identity_provider
  }
}
# Secret manager outputs
# Publishes `local.formatted_secret_names`, which is defined outside this
# file. Per the description it maps each original secret name to its formatted
# name. It carries names only, not secret values.
output "secret_names" {
  description = "Map of original secret names to their formatted names."
  value       = local.formatted_secret_names
}
# Publishes `local.secret_gcp_project_id`. The WIF outputs read the project
# from `data.google_project.project` instead, so the secrets project may
# differ from the WIF project.
# TODO confirm where the local is defined.
output "secret_gcp_project_id" {
  description = "The GCP project ID where secrets are stored."
  value       = local.secret_gcp_project_id
}
# For every instance of `google_secret_manager_secret.secrets`, emits an object
# holding that secret's `name` and `id`, keyed by the resource instance key.
# Only these two metadata attributes are exported. No secret version or
# payload is read here, so the output is not marked sensitive.
output "secret_created" {
  description = "The names and IDs of the secrets created by this module."
  value = {
    for key, secret in google_secret_manager_secret.secrets : key => {
      name = secret.name
      id   = secret.id
    }
  }
}
# Builds a map from each key of `local.formatted_secret_names` to the `id` of
# the `google_secret_manager_secret.secrets` instance stored under that key.
# The formatted name is bound by the loop but not used.
# NOTE(review): this assumes the secret resource is keyed by the original
# secret names. A key missing from the resource would fail evaluation.
# Confirm against the resource's for_each.
output "secret_ids" {
  description = "Map of original secret names to their Secret Manager secret IDs."
  value = {
    for original_name, formatted in local.formatted_secret_names :
    original_name => google_secret_manager_secret.secrets[original_name].id
  }
}