0

I have the GCP service account key file in JSON format, which I need to export as GOOGLE_APPLICATION_CREDENTIALS. Is there a way in Terraform to provide the "contents" of this JSON file directly (instead of specifying the path to the file) in a Terraform variable block and then have Terraform interpret is as JSON? I have seen that Terraform has jsonencode and jsondecode functions, but not able to find many examples on it. Is there any other way to do this? Below is the approach I'm looking at:

variable "credentials"{
type = "string"
default="<contents of service account key file in JSON format>"
}

In Bastion start up script:

#!/bin/bash
export GOOGLE_APPLICATION_CREDENTIALS= jsonencode("${file(var.credentials)}")

So ultimately, GOOGLE_APPLICATION_CREDENTIALS should have the contents of the key file in JSON format. Can this be done in any way?

Meghana B Srinath
  • 105
  • 2
  • 9
  • Is this for passing the credentials to Terraform's GCP provider, or passing the credentials to a cloud resource which Terraform creates? – Craig Watson Oct 03 '19 at 07:49
  • I need to do both- pass the credentials to GCP provider for authentication AND also need the same credentials to be exported to a file in my bastion start up script part. – Meghana B Srinath Oct 03 '19 at 07:52
  • This helped me to implement the above case: https://serverfault.com/questions/986365/unable-to-export-service-account-key-in-terraform-gcp – Meghana B Srinath Dec 05 '19 at 17:06

0 Answers0