stackit-dev-tools/terraform-provider-stackitprivatepreview
3
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions
terraform-provider-stackitp.../docs/resources/service_account_access_token.md
Mauritz Uphoff 5320e0cd7e
chore(provider): mark deprecation for service_account_token (#920) 
* chore(provider): make deprecation for service_account_token

---------

Signed-off-by: Mauritz Uphoff <mauritz.uphoff@stackit.cloud>
Co-authored-by: Ruben Hoenle <Ruben.Hoenle@stackit.cloud>
2025-08-05 11:31:26 +02:00

3.3 KiB
Raw Blame History

page_title subcategory description
stackit_service_account_access_token Resource - stackit Service account access token schema. !> This resource is scheduled for deprecation and will be removed on December 17, 2025. To ensure a smooth transition, please refer to our migration guide at https://docs.stackit.cloud/stackit/en/deprecation-plan-for-service-account-access-tokens-and-migration-guide-373293307.html for detailed instructions and recommendations. Example Usage Automatically rotate access tokens resource "stackit_service_account" "sa" { project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" name = "sa01" } resource "time_rotating" "rotate" { rotation_days = 80 } resource "stackit_service_account_access_token" "sa_token" { project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" service_account_email = stackit_service_account.sa.email ttl_days = 180 rotate_when_changed = { rotation = time_rotating.rotate.id } }

stackit_service_account_access_token (Resource)

Service account access token schema.

!> This resource is scheduled for deprecation and will be removed on December 17, 2025. To ensure a smooth transition, please refer to our migration guide at https://docs.stackit.cloud/stackit/en/deprecation-plan-for-service-account-access-tokens-and-migration-guide-373293307.html for detailed instructions and recommendations.

Example Usage

Automatically rotate access tokens

resource "stackit_service_account" "sa" {
  project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
  name       = "sa01"
}

resource "time_rotating" "rotate" {
  rotation_days = 80
}

resource "stackit_service_account_access_token" "sa_token" {
  project_id            = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
  service_account_email = stackit_service_account.sa.email
  ttl_days              = 180

  rotate_when_changed = {
    rotation = time_rotating.rotate.id
  }
}

Schema

Required

  • project_id (String) STACKIT project ID associated with the service account token.
  • service_account_email (String) Email address linked to the service account.

Optional

  • rotate_when_changed (Map of String) A map of arbitrary key/value pairs that will force recreation of the token when they change, enabling token rotation based on external conditions such as a rotating timestamp. Changing this forces a new resource to be created.
  • ttl_days (Number) Specifies the token's validity duration in days. If unspecified, defaults to 90 days.

Read-Only

  • access_token_id (String) Identifier for the access token linked to the service account.
  • active (Boolean) Indicate whether the token is currently active or inactive
  • created_at (String) Timestamp indicating when the access token was created.
  • id (String) Terraform's internal resource identifier. It is structured as "project_id,service_account_email,access_token_id".
  • token (String, Sensitive) JWT access token for API authentication. Prefixed by 'Bearer' and should be stored securely as it is irretrievable once lost.
  • valid_until (String) Estimated expiration timestamp of the access token. For precise validity, check the JWT details.