Google Cloud Storage Hmac Key
This page shows how to write Terraform for Cloud Storage Hmac Key and write them securely.
google_storage_hmac_key (Terraform)
The Hmac Key in Cloud Storage can be configured in Terraform with the resource name google_storage_hmac_key
. The following sections describe 2 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "google_storage_hmac_key" "key" {
service_account_email = google_service_account.service_account.email
}
# [END storage_hmac_key]
resource "google_storage_hmac_key" "this" {
project = var.project
service_account_email = var.service_account_email
state = var.state
dynamic "timeouts" {
Parameters
-
access_id
optional computed - string
The access ID of the HMAC Key.
HMAC secret key material.
-
service_account_email
required - string
The email address of the key's associated service account.
-
state
optional - string
The state of the key. Can be set to one of ACTIVE, INACTIVE. Default value: "ACTIVE" Possible values: ["ACTIVE", "INACTIVE"]
-
time_created
optional computed - string
'The creation time of the HMAC key in RFC 3339 format. '
-
updated
optional computed - string
'The last modification time of the HMAC key metadata in RFC 3339 format.'
Explanation in Terraform Registry
The hmacKeys resource represents an HMAC key within Cloud Storage. The resource consists of a secret and HMAC key metadata. HMAC keys can be used as credentials for service accounts. To get more information about HmacKey, see:
- API documentation
- How-to Guides
- Official Documentation
Warning: All arguments including the
secret
value will be stored in the raw state as plain-text. Read more about sensitive data in state. On import, thesecret
value will not be retrieved.Warning: All arguments including
secret
will be stored in the raw state as plain-text. Read more about sensitive data in state.
Tips: Best Practices for The Other Google Cloud Storage Resources
In addition to the google_storage_bucket, Google Cloud Storage has the other resources that should be configured for security reasons. Please check some examples of those resources and precautions.
google_storage_bucket
Ensure uniform bucket-level access of your GCS bucket is enabled
It is better to enable uniform bucket-level access of the GCS bucket. Uniform bucket-level access unifies and simplifies how you grant access to resources in the bucket.
Frequently asked questions
What is Google Cloud Storage Hmac Key?
Google Cloud Storage Hmac Key is a resource for Cloud Storage of Google Cloud Platform. Settings can be wrote in Terraform.
Where can I find the example code for the Google Cloud Storage Hmac Key?
For Terraform, the terraform-google-modules/terraform-docs-samples and niveklabs/google source code examples are useful. See the Terraform Example section for further details.