Syntax
A google_iam_service_account_keys
is used to test a Google ServiceAccountKey resource
Examples
describe google_iam_service_account_keys(project: 'chef-gcp-inspec', service_account: "display-name@project-id.iam.gserviceaccount.com") do
its('count') { should be <= 1000 }
end
Properties
Properties that can be accessed from the google_iam_service_account_keys
resource:
See googleiamserviceaccountkey.md for more detailed information
* key_names
: an array of google_iam_service_account_key
name
* private_key_types
: an array of google_iam_service_account_key
privatekeytype
* key_algorithms
: an array of google_iam_service_account_key
keyalgorithm
* `privatekeydata: an array of
googleiamserviceaccountkey` privatekeydata
* `publickeydata: an array of
googleiamserviceaccountkey` publickeydata
* `validaftertimes: an array of
googleiamserviceaccountkey` validaftertime
* `validbeforetimes: an array of
googleiamserviceaccountkey` validbeforetime
* `keytypes: an array of
googleiamserviceaccountkeykey_type
*
serviceaccounts: an array of
googleiamserviceaccountkey` serviceaccount
* paths
: an array of google_iam_service_account_key
path
Filter Criteria
This resource supports all of the above properties as filter criteria, which can be used
with where
as a block or a method.
GCP Permissions
Ensure the Identity and Access Management (IAM) API is enabled for the current project.