Google Cloud Platform Service Account

This page shows how to write Terraform for a Cloud Platform Service Account and how to write it securely.

google_service_account (Terraform)

The Service Account in Cloud Platform can be configured in Terraform with the resource name google_service_account. The following sections describe 3 examples of how to use the resource and its parameters.

Example Usage from GitHub

jkkitakita/my-terraform
resource "google_service_account" "terraform" {
  account_id   = "terraform"
  display_name = "terraform"
}

resource "google_service_account" "pubsub" {
covid19cz/erouska-firebase
resource "google_service_account" "register-buid" {
  account_id   = "register-buid"
  display_name = "register-buid firebase function service account"
}

resource "google_service_account" "is-buid-active" {
covid19cz/erouska-firebase
resource "google_service_account" "register-buid" {
  account_id   = "register-buid"
  display_name = "register-buid firebase function service account"
}

resource "google_service_account" "is-buid-active" {

Parameters

  • account_id required - string
    • The account id that is used to generate the service account email address and a stable unique id. It is unique within a project, must be 6-30 characters long, and match the regular expression [a-z]([-a-z0-9]*[a-z0-9]) to comply with RFC1035. Changing this forces a new service account to be created.

  • description optional - string
    • A text description of the service account. Must be less than or equal to 256 UTF-8 bytes.

  • display_name optional - string
    • The display name for the service account. Can be updated without creating a new resource.

  • email required, computed - string
    • The e-mail address of the service account. This value should be referenced from any google_iam_policy data sources that would grant the service account privileges.

  • id optional, computed - string
  • name required, computed - string
    • The fully-qualified name of the service account.

  • project optional, computed - string
    • The ID of the project that the service account will be created in. Defaults to the provider project configuration.

  • unique_id required, computed - string
    • The unique id of the service account.

Explanation in Terraform Registry

Allows management of a Google Cloud service account.

  • API documentation
  • How-to Guides
    • Official Documentation

Warning: If you delete and recreate a service account, you must reapply any IAM roles that it had before.

Creation of service accounts is eventually consistent, and that can lead to errors when you try to apply ACLs to service accounts immediately after creation. If using these resources in the same config, you can add a sleep using local-exec.
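
The eventual-consistency note above, as an added example that is not taken from the repositories listed on this page or from the Terraform Registry: a service account, a local-exec sleep, and a single narrow role binding that waits for the sleep. The resource names, the project_id variable, the 30-second delay and the chosen role are assumptions for illustration; null_resource comes from the hashicorp/null provider.

```hcl
# Added example. Names, variable, delay and role are assumptions.
variable "project_id" {
  type        = string
  description = "Project that will own the service account (assumed input)."
}

resource "google_service_account" "publisher" {
  project      = var.project_id
  account_id   = "pubsub-publisher" # 6-30 chars: lowercase letters, digits, hyphens
  display_name = "Pub/Sub publisher"
  description  = "Publishes messages for the example workload."
}

# Service account creation is eventually consistent. Pause before any
# IAM resource references the new account.
resource "null_resource" "wait_for_service_account" {
  # Run the wait again if the account is replaced and gets a new unique id.
  triggers = {
    unique_id = google_service_account.publisher.unique_id
  }

  provisioner "local-exec" {
    command = "sleep 30" # assumed delay; needs a POSIX shell where Terraform runs
  }
}

# Grant one narrow role instead of a broad project-level role, and build
# the member string from the computed email attribute.
resource "google_project_iam_member" "publisher" {
  project = var.project_id
  role    = "roles/pubsub.publisher"
  member  = "serviceAccount:${google_service_account.publisher.email}"

  # Do not apply the binding until the sleep has finished.
  depends_on = [null_resource.wait_for_service_account]
}
```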

Frequently asked questions

What is Google Cloud Platform Service Account?

Google Cloud Platform Service Account is a resource for Cloud Platform of Google Cloud Platform. Settings can be written in Terraform.

Where can I find the example code for the Google Cloud Platform Service Account?

For Terraform, the jkkitakita/my-terraform, covid19cz/erouska-firebase and covid19cz/erouska-firebase source code examples are useful. See the Terraform Example section for further details.
