gcp.serviceaccount.getAccount

Explore with Pulumi AI

Google Cloud v8.25.1 published on Wednesday, Apr 9, 2025 by Pulumi

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const objectViewer = gcp.serviceaccount.getAccount({
    accountId: "object-viewer",
});

import pulumi
import pulumi_gcp as gcp

object_viewer = gcp.serviceaccount.get_account(account_id="object-viewer")

package main

import (
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/serviceaccount"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := serviceaccount.LookupAccount(ctx, &serviceaccount.LookupAccountArgs{
			AccountId: "object-viewer",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;

return await Deployment.RunAsync(() => 
{
    var objectViewer = Gcp.ServiceAccount.GetAccount.Invoke(new()
    {
        AccountId = "object-viewer",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.serviceaccount.ServiceaccountFunctions;
import com.pulumi.gcp.serviceaccount.inputs.GetAccountArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var objectViewer = ServiceaccountFunctions.getAccount(GetAccountArgs.builder()
            .accountId("object-viewer")
            .build());

    }
}

variables:
  objectViewer:
    fn::invoke:
      function: gcp:serviceaccount:getAccount
      arguments:
        accountId: object-viewer

Save Key In Kubernetes Secret

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * as kubernetes from "@pulumi/kubernetes";
import * as std from "@pulumi/std";

const myaccount = gcp.serviceaccount.getAccount({
    accountId: "myaccount-id",
});
const mykey = new gcp.serviceaccount.Key("mykey", {serviceAccountId: myaccount.then(myaccount => myaccount.name)});
const google_application_credentials = new kubernetes.core.v1.Secret("google-application-credentials", {
    metadata: {
        name: "google-application-credentials",
    },
    data: {
        json: std.base64decodeOutput({
            input: mykey.privateKey,
        }).apply(invoke => invoke.result),
    },
});

import pulumi
import pulumi_gcp as gcp
import pulumi_kubernetes as kubernetes
import pulumi_std as std

myaccount = gcp.serviceaccount.get_account(account_id="myaccount-id")
mykey = gcp.serviceaccount.Key("mykey", service_account_id=myaccount.name)
google_application_credentials = kubernetes.core.v1.Secret("google-application-credentials",
    metadata={
        "name": "google-application-credentials",
    },
    data={
        "json": std.base64decode_output(input=mykey.private_key).apply(lambda invoke: invoke.result),
    })

package main

import (
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/serviceaccount"
	corev1 "github.com/pulumi/pulumi-kubernetes/sdk/v4/go/kubernetes/core/v1"
	metav1 "github.com/pulumi/pulumi-kubernetes/sdk/v4/go/kubernetes/meta/v1"
	"github.com/pulumi/pulumi-std/sdk/go/std"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		myaccount, err := serviceaccount.LookupAccount(ctx, &serviceaccount.LookupAccountArgs{
			AccountId: "myaccount-id",
		}, nil)
		if err != nil {
			return err
		}
		mykey, err := serviceaccount.NewKey(ctx, "mykey", &serviceaccount.KeyArgs{
			ServiceAccountId: pulumi.String(myaccount.Name),
		})
		if err != nil {
			return err
		}
		_, err = corev1.NewSecret(ctx, "google-application-credentials", &corev1.SecretArgs{
			Metadata: &metav1.ObjectMetaArgs{
				Name: pulumi.String("google-application-credentials"),
			},
			Data: pulumi.StringMap{
				"json": pulumi.String(std.Base64decodeOutput(ctx, std.Base64decodeOutputArgs{
					Input: mykey.PrivateKey,
				}, nil).ApplyT(func(invoke std.Base64decodeResult) (*string, error) {
					return invoke.Result, nil
				}).(pulumi.StringPtrOutput)),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
using Kubernetes = Pulumi.Kubernetes;
using Std = Pulumi.Std;

return await Deployment.RunAsync(() => 
{
    var myaccount = Gcp.ServiceAccount.GetAccount.Invoke(new()
    {
        AccountId = "myaccount-id",
    });

    var mykey = new Gcp.ServiceAccount.Key("mykey", new()
    {
        ServiceAccountId = myaccount.Apply(getAccountResult => getAccountResult.Name),
    });

    var google_application_credentials = new Kubernetes.Core.V1.Secret("google-application-credentials", new()
    {
        Metadata = new Kubernetes.Types.Inputs.Meta.V1.ObjectMetaArgs
        {
            Name = "google-application-credentials",
        },
        Data = 
        {
            { "json", Std.Base64decode.Invoke(new()
            {
                Input = mykey.PrivateKey,
            }).Apply(invoke => invoke.Result) },
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.serviceaccount.ServiceaccountFunctions;
import com.pulumi.gcp.serviceaccount.inputs.GetAccountArgs;
import com.pulumi.gcp.serviceaccount.Key;
import com.pulumi.gcp.serviceaccount.KeyArgs;
import com.pulumi.kubernetes.core_v1.Secret;
import com.pulumi.kubernetes.core_v1.SecretArgs;
import com.pulumi.kubernetes.meta_v1.inputs.ObjectMetaArgs;
import com.pulumi.std.StdFunctions;
import com.pulumi.std.inputs.Base64decodeArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var myaccount = ServiceaccountFunctions.getAccount(GetAccountArgs.builder()
            .accountId("myaccount-id")
            .build());

        var mykey = new Key("mykey", KeyArgs.builder()
            .serviceAccountId(myaccount.name())
            .build());

        var google_application_credentials = new Secret("google-application-credentials", SecretArgs.builder()
            .metadata(ObjectMetaArgs.builder()
                .name("google-application-credentials")
                .build())
            .data(Map.of("json", StdFunctions.base64decode(Base64decodeArgs.builder()
                .input(mykey.privateKey())
                .build()).applyValue(_invoke -> _invoke.result())))
            .build());

    }
}

resources:
  mykey:
    type: gcp:serviceaccount:Key
    properties:
      serviceAccountId: ${myaccount.name}
  google-application-credentials:
    type: kubernetes:core/v1:Secret
    properties:
      metadata:
        name: google-application-credentials
      data:
        json:
          fn::invoke:
            function: std:base64decode
            arguments:
              input: ${mykey.privateKey}
            return: result
variables:
  myaccount:
    fn::invoke:
      function: gcp:serviceaccount:getAccount
      arguments:
        accountId: myaccount-id

Using getAccount

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getAccount(args: GetAccountArgs, opts?: InvokeOptions): Promise<GetAccountResult>
function getAccountOutput(args: GetAccountOutputArgs, opts?: InvokeOptions): Output<GetAccountResult>

def get_account(account_id: Optional[str] = None,
                project: Optional[str] = None,
                opts: Optional[InvokeOptions] = None) -> GetAccountResult
def get_account_output(account_id: Optional[pulumi.Input[str]] = None,
                project: Optional[pulumi.Input[str]] = None,
                opts: Optional[InvokeOptions] = None) -> Output[GetAccountResult]

func LookupAccount(ctx *Context, args *LookupAccountArgs, opts ...InvokeOption) (*LookupAccountResult, error)
func LookupAccountOutput(ctx *Context, args *LookupAccountOutputArgs, opts ...InvokeOption) LookupAccountResultOutput

> Note: This function is named LookupAccount in the Go SDK.

public static class GetAccount 
{
    public static Task<GetAccountResult> InvokeAsync(GetAccountArgs args, InvokeOptions? opts = null)
    public static Output<GetAccountResult> Invoke(GetAccountInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetAccountResult> getAccount(GetAccountArgs args, InvokeOptions options)
public static Output<GetAccountResult> getAccount(GetAccountArgs args, InvokeOptions options)

fn::invoke:
  function: gcp:serviceaccount/getAccount:getAccount
  arguments:
    # arguments dictionary

The following arguments are supported:

AccountId string