darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2025-12-12 16:22:17 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
90b5261821e33b6f3d3edbd0c7808f242f43de6f
notifications-api/terraform/create_service_account.sh

73 lines
1.5 KiB
Bash
Raw Normal View History

Add basic terraform bootstrap and staging environments
2022-09-14 10:09:09 -04:00
#!/usr/bin/env bash
org="gsa-10x-prototyping"
usage="
$0: Create a Service User Account for a given space
Usage:
$0 -h
$0 -s <SPACE NAME> -u <USER NAME> [-r <ROLE NAME>] [-o <ORG NAME>]
Options:
-h: show help and exit
-s <SPACE NAME>: configure the space to act on. Required
-u <USER NAME>: set the service user name. Required
-r <ROLE NAME>: set the service user's role to either space-deployer or space-auditor. Default: space-deployer
-o <ORG NAME>: configure the organization to act on. Default: $org
"
set -e
set -o pipefail
space=""
service=""
role="space-deployer"
while getopts ":hs:u:r:o:" opt; do
case "$opt" in
s)
space=${OPTARG}
;;
u)
service=${OPTARG}
;;
r)
role=${OPTARG}
;;
o)
org=${OPTARG}
;;
h)
echo "$usage"
exit 0
;;
esac
done
if [[ $space = "" || $service = "" ]]; then
echo "$usage"
exit 1
fi
cf target -o $org -s $space 1>&2
# create user account service
cf create-service cloud-gov-service-account $role $service 1>&2
# create service key
cf create-service-key $service service-account-key 1>&2
# output service key to stdout in secrets.auto.tfvars format
creds=`cf service-key $service service-account-key | tail -n 4`
username=`echo $creds | jq '.username'`
password=`echo $creds | jq '.password'`
cat << EOF
# generated with $0 -s $space -u $service -r $role -o $org
# revoke with $(dirname $0)/destroy_service_account.sh -s $space -u $service -o $org
cf_user = $username
cf_password = $password
EOF
Reference in New Issue Copy Permalink