Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

RSS

google-giam (1) Versions 0.1.1

A Chef cookbook to manage Google Cloud IAM resources

Berkshelf
Policyfile
Knife
cookbook 'google-giam', '~> 0.1.1'
cookbook 'google-giam', '~> 0.1.1', :supermarket
knife supermarket install google-giam
knife supermarket download google-giam
README
Dependencies
Changelog
Quality 50%

Google Cloud IAM Chef Cookbook

This cookbook provides the built-in types and services for Chef to manage Google Cloud IAM resources, as native Chef types.

Requirements

Platforms

Supported Operating Systems

This cookbook was tested on the following operating systems:

  • RedHat 6, 7
  • CentOS 6, 7
  • Debian 7, 8
  • Ubuntu 12.04, 14.04, 16.04, 16.10
  • SLES 11-sp4, 12-sp2
  • openSUSE 13
  • Windows Server 2008 R2, 2012 R2, 2012 R2 Core, 2016 R2, 2016 R2 Core

Example

giam_service_account 'test-account@graphite-playground.google.com.iam.gserviceaccount.com' do
  action :create
  display_name 'My Chef test key'
  project ENV['PROJECT']
  credential 'mycred'
end

giam_service_account_key 'test-name' do
  action :create
  service_account 'test-account@graphite-playground.google.com.iam.gserviceaccount.com'
  path '/home/alexstephen/test_key.json'
  key_algorithm 'KEY_ALG_RSA_2048'
  private_key_type 'TYPE_GOOGLE_CREDENTIALS_FILE'
  project ENV['PROJECT']
  credential 'mycred'
end

Credentials

All Google Cloud Platform cookbooks use an unified authentication mechanism, provided by the google-gauth cookbook. Don't worry, it is automatically installed when you install this module.

Example

gauth_credential 'mycred' do
  action :serviceaccount
  path ENV['CRED_PATH'] # e.g. '/path/to/my_account.json'
  scopes [
    'https://www.googleapis.com/auth/iam'
  ]
end

For complete details of the authentication cookbook, visit the google-gauth cookbook documentation.

Resources

giam_service_account

A service account in the Identity and Access Management API.

Example

giam_service_account 'test-account@graphite-playground.google.com.iam.gserviceaccount.com' do
  action :create
  display_name 'My Chef test key'
  project ENV['PROJECT']
  credential 'mycred'
end

Reference

giam_service_account 'id-for-resource' do
  display_name     string
  email            string
  name             string
  oauth2_client_id string
  unique_id        string
  project_id       string
  project          string
  credential       reference to gauth_credential
end

Actions

  • create - Converges the giam_service_account resource into the final state described within the block. If the resource does not exist, Chef will attempt to create it.
  • delete - Ensures the giam_service_account resource is not present. If the resource already exists Chef will attempt to delete it.

Properties

  • name - The name of the service account.

  • project_id - Output only. Id of the project that owns the service account.

  • unique_id - Output only. Unique and stable id of the service account

  • email - Output only. Email address of the service account.

  • display_name - User specified description of service account.

  • oauth2_client_id - Output only. OAuth2 client id for the service account.

Label

Set the sa_label property when attempting to set primary key of this object. The primary key will always be referred to by the initials of the resource followed by "_label"

giam_service_account_key

A service account in the Identity and Access Management API.

Example

giam_service_account 'test-account@graphite-playground.google.com.iam.gserviceaccount.com' do
  action :create
  display_name 'My Chef test key'
  project ENV['PROJECT']
  credential 'mycred'
end

giam_service_account_key 'test-name' do
  action :create
  service_account 'test-account@graphite-playground.google.com.iam.gserviceaccount.com'
  path '/home/alexstephen/test_key.json'
  key_algorithm 'KEY_ALG_RSA_2048'
  private_key_type 'TYPE_GOOGLE_CREDENTIALS_FILE'
  project ENV['PROJECT']
  credential 'mycred'
end

Reference

giam_service_account_key 'id-for-resource' do
  fail_if_mismatch  boolean
  key_algorithm     'KEY_ALG_UNSPECIFIED', 'KEY_ALG_RSA_1024' or 'KEY_ALG_RSA_2048'
  key_id            string
  name              string
  path              string
  private_key_data  string
  private_key_type  'TYPE_UNSPECIFIED', 'TYPE_PKCS12_FILE' or 'TYPE_GOOGLE_CREDENTIALS_FILE'
  public_key_data   string
  service_account   reference to giam_service_account
  valid_after_time  time
  valid_before_time time
  project           string
  credential        reference to gauth_credential
end

Actions

  • create - Converges the giam_service_account_key resource into the final state described within the block. If the resource does not exist, Chef will attempt to create it.
  • delete - Ensures the giam_service_account_key resource is not present. If the resource already exists Chef will attempt to delete it.

Properties

  • name - Output only. The name of the key.

  • private_key_type - Output format for the service account key.

  • key_algorithm - Specifies the algorithm for the key.

  • private_key_data - Output only. Private key data. Base-64 encoded.

  • public_key_data - Output only. Public key data. Base-64 encoded.

  • valid_after_time - Output only. Key can only be used after this time.

  • valid_before_time - Output only. Key can only be used before this time.

  • service_account - The name of the serviceAccount.

  • path - The full name of the file that will hold the service account private key. The management of this file will depend on the value of sync_file parameter. File path must be absolute.

  • key_id - Used to ensure the deletion of the key in the absence of a key file.

  • fail_if_mismatch - If set to 'true' protects the target file from being rewritten with a new private key. By default the file is always ensured to have a valid private key on final state.

Label

Set the sak_label property when attempting to set primary key of this object. The primary key will always be referred to by the initials of the resource followed by "_label"

Dependent cookbooks

google-gauth < 0.2.0

Contingent cookbooks

There are no cookbooks that are contingent upon this one.

Changelog

0.1.1 (2018-02-02)

Initial release

Collaborator Number Metric
            

0.1.1 failed this metric

Failure: Cookbook has 0 collaborators. A cookbook must have at least 2 collaborators to pass this metric.

Contributing File Metric
            

0.1.1 passed this metric

Foodcritic Metric
            

0.1.1 failed this metric

FC117: Do not use kind_of in custom resource properties: google-giam/resources/service_account_key.rb:73
Run with Foodcritic Version 14.3.0 with tags metadata,correctness ~FC031 ~FC045 and failure tags any

No Binaries Metric
            

0.1.1 passed this metric

Publish Metric
            

0.1.1 passed this metric

Supported Platforms Metric
            

0.1.1 passed this metric

Testing File Metric
            

0.1.1 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file

Version Tag Metric
            

0.1.1 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number