Reputation: 1103
Enable "Interoperable" access for GCS with Terraform?
Is it possible to enable s3 compatible access to GCS using Terraform and generate / retrieve keypairs?
The help states:
The Interoperability API lets you use HMAC authentication and lets Cloud Storage interoperate with tools written for other cloud storage systems. Turn on this API only if you require interoperable access for the current user. This API is enabled per project member, not per project. Each member can set a default project and maintain their own access keys.
Which leads me to believe this would be an attribute of the user, and not of the storage subsystem. I haven't been able to find anything in TF, gcloud or API documentation.
Thanks in advance
Upvotes: 5
Views: 1495
Answers (1)
Reputation: 336
Yes, create a service account that should use the interoperability APIs and then create a google_storage_hmac_key:
resource "google_service_account" "test" {
account_id = "interop-test"
}
resource "google_storage_hmac_key" "test" {
service_account_email = google_service_account.test.email
}
output "access_key" {
value = google_storage_hmac_key.test.access_id
}
output "secret_key" {
value = google_storage_hmac_key.test.secret
sensitive = true
}
Upvotes: 1
Related Questions
- Google Cloud credentials with Terraform
- How to achieve multiple gcs backends in terraform
- Set up Google Cloud Platform (GCP) authentication for Terraform Cloud
- GCP - Storage Service Account Access Issue
- Terraform unable to recognize private service access connection for FileStore in Shared VPC
- Authentication to GCP in terraform
- Issues with Setting up gcs backend for terraform
- Terraform granting access on GCP Bigquery
- Temporary Access to GCP Resources
- Terraform backend remote config with Google Cloud Buckets