From 0a7a83433fe503fac01f4a258e39cbd2e6d45362 Mon Sep 17 00:00:00 2001
From: aissi
Date: Thu, 4 Dec 2025 11:01:15 +0100
Subject: [PATCH] commit
---
tp-cloud/terraform/modules/iam/main.tf | 31 +++++++++++++++++++++
tp-cloud/terraform/modules/iam/outputs.tf | 10 +++++++
tp-cloud/terraform/modules/iam/variables.tf | 6 ++--
3 files changed, 45 insertions(+), 2 deletions(-)
diff --git a/tp-cloud/terraform/modules/iam/main.tf b/tp-cloud/terraform/modules/iam/main.tf
index e69de29..0f31267 100644
--- a/tp-cloud/terraform/modules/iam/main.tf
+++ b/tp-cloud/terraform/modules/iam/main.tf
@@ -0,0 +1,31 @@
+
+# Compte service terraform
+
+resource "google_service_account" "terraform_sa" {
+ account_id = "terraform-sa"
+ display_name = "terraform compte service"
+}
+
+resource "google_service_account_key" "terraform_sa_key" {
+ service_account_id = google_service_account.terraform_sa.name
+ public_key_type = "TYPE_X509_PEM_FILE"
+
+}
+
+resource "google_project_iam_binding" "custom_service_account" {
+ project = var.project_id
+ role = "roles/viewer"
+
+ members = [
+ "serviceAccount:${google_service_account.service_account.email}",
+ ]
+}
+
+data "google_client_openid_userinfo" "me" {
+}
+
+resource "google_os_login_ssh_public_key" "cache" {
+ user = data.google_client_openid_userinfo.me.email
+ project = var.project_id
+ key = file("~/.ssh/id_ed25519.pub")
+}
diff --git a/tp-cloud/terraform/modules/iam/outputs.tf b/tp-cloud/terraform/modules/iam/outputs.tf
index e69de29..68af702 100644
--- a/tp-cloud/terraform/modules/iam/outputs.tf
+++ b/tp-cloud/terraform/modules/iam/outputs.tf
@@ -0,0 +1,10 @@
+output "service_account_email" {
+ description = "Service account email."
+ value = google_service_account.service_account.email
+}
+
+output "service_account_key" {
+ description = "Service account key."
+ sensitive = true
+ value = google_service_account_key.mykey.private_key
+}
\ No newline at end of file
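Review bot: The `members` entry of `google_project_iam_binding.custom_service_account` in main.tf references `google_service_account.service_account`, but the only service account this hunk declares is `terraform_sa`, so the module will not validate. The same undeclared name is used by the `service_account_email` output in outputs.tf, and `google_service_account_key.mykey` there does not match the declared `terraform_sa_key`. The member line should read `"serviceAccount:${google_service_account.terraform_sa.email}",` with the two outputs renamed to match. Separately, `google_project_iam_binding` is authoritative for its role, so applying it removes every other member of `roles/viewer` on the project. `google_project_iam_member` with a single `member` grants the role without touching existing bindings.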
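Review bot: The `service_account_key` output in outputs.tf exports the private key of a user-managed service-account key, and `sensitive = true` only redacts it from CLI output. The key material is still written in plaintext to the Terraform state, where anyone with read access to the state backend can recover it. If the key is genuinely required, the output deserves a comment such as `# Private key is stored unencrypted in state; restrict state access and rotate this key.` Otherwise, dropping the `google_service_account_key` resource and this output in favour of service-account impersonation avoids a long-lived credential altogether.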
diff --git a/tp-cloud/terraform/modules/iam/variables.tf b/tp-cloud/terraform/modules/iam/variables.tf
index 5ac1614..1668015 100644
--- a/tp-cloud/terraform/modules/iam/variables.tf
+++ b/tp-cloud/terraform/modules/iam/variables.tf
@@ -1,2 +1,4 @@
-# À vous de définir :
-# - project_id (string)
\ No newline at end of file
+variable "project_id" {
+ description = "ID du projet GCP dans lequel appliquer les règles IAM"
+ type = string
+}