Datasource for retrieving GCS service account

Author: ishashchuk

google/data_source_google_storage_project_service_account.go

@@ -0,0 +1,44 @@
+package google
+
+import (
+	"fmt"
+	"net/http"
+
+	"github.com/hashicorp/terraform/helper/schema"
+	"google.golang.org/api/googleapi"
+)
+
+func dataSourceGoogleStorageProjectServiceAccount() *schema.Resource {
+	return &schema.Resource{
+		Read: dataSourceGoogleStorageProjectServiceAccountRead,
+		Schema: map[string]*schema.Schema{
+			"email_address": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+		},
+	}
+}
+
+func dataSourceGoogleStorageProjectServiceAccountRead(d *schema.ResourceData, meta interface{}) error {
+	config := meta.(*Config)
+
+	project, err := getProject(d, config)
+	if err != nil {
+		return err
+	}
+
+	serviceAccount, err := config.clientStorage.Projects.ServiceAccount.Get(project).Do()
+	if err != nil {
+		if gerr, ok := err.(*googleapi.Error); ok && gerr.Code == http.StatusNotFound {
+			return fmt.Errorf("GCS service account not found")
+		}
+
+		return fmt.Errorf("Error reading GCS service account: %s", err)
+	}
+
+	d.SetId(serviceAccount.EmailAddress)
+	d.Set("email_address", serviceAccount.EmailAddress)
+
+	return nil
+}

google/data_source_google_storage_project_service_account_test.go

@@ -0,0 +1,30 @@
+package google
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform/helper/resource"
+)
+
+func TestAccDataSourceGoogleStorageProjectServiceAccount_basic(t *testing.T) {
+	t.Parallel()
+
+	resourceName := "data.google_storage_project_service_account.gcs_account"
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:  func() { testAccPreCheck(t) },
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccCheckGoogleStorageProjectServiceAccount_basic,
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttrSet(resourceName, "email_address"),
+				),
+			},
+		},
+	})
+}
+
+const testAccCheckGoogleStorageProjectServiceAccount_basic = `
+data "google_storage_project_service_account" "gcs_account" { }
+`

google/provider.go

@@ -60,29 +60,30 @@ func Provider() terraform.ResourceProvider {
 		},
 
 		DataSourcesMap: map[string]*schema.Resource{
-			"google_active_folder":                 dataSourceGoogleActiveFolder(),
-			"google_billing_account":               dataSourceGoogleBillingAccount(),
-			"google_dns_managed_zone":              dataSourceDnsManagedZone(),
-			"google_client_config":                 dataSourceGoogleClientConfig(),
-			"google_cloudfunctions_function":       dataSourceGoogleCloudFunctionsFunction(),
-			"google_compute_address":               dataSourceGoogleComputeAddress(),
-			"google_compute_image":                 dataSourceGoogleComputeImage(),
-			"google_compute_global_address":        dataSourceGoogleComputeGlobalAddress(),
-			"google_compute_lb_ip_ranges":          dataSourceGoogleComputeLbIpRanges(),
-			"google_compute_network":               dataSourceGoogleComputeNetwork(),
-			"google_compute_subnetwork":            dataSourceGoogleComputeSubnetwork(),
-			"google_compute_zones":                 dataSourceGoogleComputeZones(),
-			"google_compute_instance_group":        dataSourceGoogleComputeInstanceGroup(),
-			"google_compute_region_instance_group": dataSourceGoogleComputeRegionInstanceGroup(),
-			"google_compute_vpn_gateway":           dataSourceGoogleComputeVpnGateway(),
-			"google_container_cluster":             dataSourceGoogleContainerCluster(),
-			"google_container_engine_versions":     dataSourceGoogleContainerEngineVersions(),
-			"google_container_registry_repository": dataSourceGoogleContainerRepo(),
-			"google_container_registry_image":      dataSourceGoogleContainerImage(),
-			"google_iam_policy":                    dataSourceGoogleIamPolicy(),
-			"google_kms_secret":                    dataSourceGoogleKmsSecret(),
-			"google_organization":                  dataSourceGoogleOrganization(),
-			"google_storage_object_signed_url":     dataSourceGoogleSignedUrl(),
+			"google_active_folder":                   dataSourceGoogleActiveFolder(),
+			"google_billing_account":                 dataSourceGoogleBillingAccount(),
+			"google_dns_managed_zone":                dataSourceDnsManagedZone(),
+			"google_client_config":                   dataSourceGoogleClientConfig(),
+			"google_cloudfunctions_function":         dataSourceGoogleCloudFunctionsFunction(),
+			"google_compute_address":                 dataSourceGoogleComputeAddress(),
+			"google_compute_image":                   dataSourceGoogleComputeImage(),
+			"google_compute_global_address":          dataSourceGoogleComputeGlobalAddress(),
+			"google_compute_lb_ip_ranges":            dataSourceGoogleComputeLbIpRanges(),
+			"google_compute_network":                 dataSourceGoogleComputeNetwork(),
+			"google_compute_subnetwork":              dataSourceGoogleComputeSubnetwork(),
+			"google_compute_zones":                   dataSourceGoogleComputeZones(),
+			"google_compute_instance_group":          dataSourceGoogleComputeInstanceGroup(),
+			"google_compute_region_instance_group":   dataSourceGoogleComputeRegionInstanceGroup(),
+			"google_compute_vpn_gateway":             dataSourceGoogleComputeVpnGateway(),
+			"google_container_cluster":               dataSourceGoogleContainerCluster(),
+			"google_container_engine_versions":       dataSourceGoogleContainerEngineVersions(),
+			"google_container_registry_repository":   dataSourceGoogleContainerRepo(),
+			"google_container_registry_image":        dataSourceGoogleContainerImage(),
+			"google_iam_policy":                      dataSourceGoogleIamPolicy(),
+			"google_kms_secret":                      dataSourceGoogleKmsSecret(),
+			"google_organization":                    dataSourceGoogleOrganization(),
+			"google_storage_object_signed_url":       dataSourceGoogleSignedUrl(),
+			"google_storage_project_service_account": dataSourceGoogleStorageProjectServiceAccount(),
 		},
 
 		ResourcesMap: map[string]*schema.Resource{

website/docs/d/google_storage_project_service_account.html.markdown

@@ -0,0 +1,38 @@
+---
+layout: "google"
+page_title: "Google: google_storage_project_service_account"
+sidebar_current: "docs-google-datasource-storage-project-service-account"
+description: |-
+  Get the email address of the project's Google Cloud Storage service account
+---
+
+# google\_client\_config
+
+Use this data source to get the email address of the project's Google Cloud Storage service account.
+ For more information see 
+[API](https://cloud.google.com/storage/docs/json_api/v1/projects/serviceAccount).
+
+## Example Usage
+
+```hcl
+data "google_storage_project_service_account" "gcs_account" {}
+
+resource "google_pubsub_topic_iam_binding" "binding" {
+	topic       = "${google_pubsub_topic.topic.name}"
+	role        = "roles/pubsub.publisher"
+		  
+	members     = ["${data.google_storage_project_service_account.gcs_account.id}"]
+}
+```
+
+## Argument Reference
+
+There are no arguments available for this data source.
+
+## Attributes Reference
+
+In addition to the arguments listed above, the following attributes are exported:
+
+* `id` - The ID of the service account, which is its email_address
+
+* `email_address` - The email_address for this account

website/google.erb

@@ -82,6 +82,9 @@
       <li<%= sidebar_current("docs-google-datasource-signed_url") %>>
         <a href="/docs/providers/google/d/signed_url.html">google_storage_object_signed_url</a>
       </li>
+      <li<%= sidebar_current("docs-google-datasource-storage-project-service-account") %>>
+        <a href="/docs/providers/google/d/google_storage_project_service_account.html">google_storage_project_service_account</a>
+      </li>
     </ul>
     </li>