Enable multiple display name

terraform-google-modules · Oct 28, 2023 · 3025657 · 3025657
1 parent 4e0671a
commit 3025657
Show file tree

Hide file tree

Showing 6 changed files with 21 additions and 2 deletions.
diff --git a/examples/multiple_service_accounts/main.tf b/examples/multiple_service_accounts/main.tf
@@ -20,7 +20,7 @@ module "service_accounts" {
   prefix        = ""
   names         = ["test-first", "test-second"]
   generate_keys = true
-  display_name  = "Test Service Accounts"
+  display_names = ["Test Service Accounts first", "Test Service Accounts second"]
   description   = "Test Service Accounts description"
 
   project_roles = [

diff --git a/main.tf b/main.tf
@@ -37,7 +37,7 @@ locals {
 resource "google_service_account" "service_accounts" {
   for_each     = local.names
   account_id   = "${local.prefix}${lower(each.value)}"
-  display_name = var.display_name
+  display_name = index(var.names, each.value) >= length(var.display_names) ? var.display_name : element(var.display_names, index(var.names, each.value))
   description  = index(var.names, each.value) >= length(var.descriptions) ? var.description : element(var.descriptions, index(var.names, each.value))
   project      = var.project_id
 }

diff --git a/outputs.tf b/outputs.tf
@@ -70,3 +70,8 @@ output "keys" {
   sensitive   = true
   value       = { for k, v in local.names : k => var.generate_keys ? base64decode(google_service_account_key.keys[v].private_key) : "" }
 }
+
+output "display_names" {
+  description = "display names variable."
+  value       = var.display_names
+}
diff --git a/test/integration/multiple_service_accounts/controls/gcp.rb b/test/integration/multiple_service_accounts/controls/gcp.rb
@@ -30,4 +30,9 @@
     end
   end
 
+  attribute('display_names').each do |display_name|
+    describe google_service_accounts(project: "#{attribute('project_id')}") do
+      its('service_account_display_names'){ should include display_name }
+    end
+  end
 end
diff --git a/test/integration/multiple_service_accounts/inspec.yml b/test/integration/multiple_service_accounts/inspec.yml
@@ -30,3 +30,6 @@ attributes:
   - name: iam_emails
     required: true
     type: hash
+  - name: display_names
+    required: true
+    type: array
diff --git a/variables.tf b/variables.tf
@@ -73,6 +73,12 @@ variable "display_name" {
   default     = "Terraform-managed service account"
 }
 
+variable "display_names" {
+  type        = list(string)
+  description = "List of display_names for the created service accounts (elements default to the value of `display_name`)"
+  default     = []
+}
+
 variable "description" {
   type        = string
   description = "Default description of the created service accounts (defaults to no description)"