Merge branch 'develop' into release/v1.1.0

secrethub · Jul 8, 2020 · 9c653e4 · 9c653e4
2 parents 6679c03 + b2ca0d4
commit 9c653e4
Show file tree

Hide file tree

Showing 4 changed files with 49 additions and 10 deletions.
diff --git a/secrethub/resource_service_gcp.go b/secrethub/resource_service_gcp.go
@@ -27,13 +27,13 @@ func resourceServiceGCP() *schema.Resource {
 				Type:        schema.TypeString,
 				Required:    true,
 				ForceNew:    true,
-				Description: "The role name or ARN of the IAM role that should have access to this service account.",
+				Description: "The email of the Google Service Account that provides the identity of the SecretHub service account.",
 			},
 			"kms_key_id": {
 				Type:        schema.TypeString,
 				Required:    true,
 				ForceNew:    true,
-				Description: "The Resource ID of the KMS key to use to encrypt and decrypt your SecretHub key material.",
+				Description: "The Resource ID of the Cloud KMS key to use to encrypt and decrypt your SecretHub key material.",
 			},
 		},
 	}

diff --git a/website/docs/r/service_aws.html.markdown b/website/docs/r/service_aws.html.markdown
@@ -10,7 +10,7 @@ description: |-
 
 This resource allows you to manage a service account that is tied to an AWS IAM role.
 
-The native AWS identity provider uses a combination of AWS IAM and AWS KMS to provide access to SecretHub for any service running on AWS (e.g. EC2, Lambda or ECS) without needing a SecretHub credential.
+The AWS identity provider uses a combination of AWS IAM and AWS KMS to read secrets from SecretHub from any app running on AWS (EC2, ECS, Lambda, etc.) without needing to manage another key.
 
 ## Example Usage
 

diff --git a/website/docs/r/service_gcp.html.markdown b/website/docs/r/service_gcp.html.markdown
@@ -0,0 +1,33 @@
+---
+layout: "secrethub"
+page_title: "Resource: secrethub_service_gcp"
+sidebar_current: "docs-secrethub-resource-service-gcp"
+description: |-
+  Creates and manages SecretHub service accounts tied to a GCP Service Account.
+---
+
+# Resource: secrethub_service_gcp
+
+This resource allows you to manage a SecretHub service account that is tied to a GCP Service Account.
+
+The GCP identity provider uses a combination of Cloud IAM and Cloud KMS to read secrets from SecretHub from any app running on Google Cloud (GCE, GKE, etc.) without needing to manage another key.
+
+## GCP Project link
+
+Before you can use this resource, you first have to link your SecretHub namespace with your GCP project.
+You only have to do this once for your namespace and GCP project.
+
+Because the linking process uses OAuth and therefore needs a web browser login, it cannot be Terraformed and needs the SecretHub CLI:
+
+```
+secrethub service gcp link <namespace> <project id>
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `service_account_email` - (Required) The email of the Google Service Account that provides the identity of the SecretHub service account.
+* `kms_key_id` - (Required) The Resource ID of the Cloud KMS key to use to encrypt and decrypt your SecretHub key material.
+* `repo` - (Required) The path of the repository on which the service operates.
+* `description` - (Optional) A description of the service so others will recognize it.
diff --git a/website/secrethub.erb b/website/secrethub.erb
@@ -14,9 +14,10 @@
         <li<%= sidebar_current("docs-secrethub-datasource") %>>
         <a href="#">Data Sources</a>
             <ul class="nav nav-visible">
-                <li<%= sidebar_current("docs-secrethub-datasource-secret") %>>
-                    <a href="/docs/providers/secrethub/d/secret.html">secrethub_secret</a>
-                </li>
+              <li<%= sidebar_current("docs-secrethub-datasource-secret") %>>
+                <a href="/docs/providers/secrethub/d/secret.html">secrethub_secret</a>
+              </li>
+
             </ul>
         </li>
 
@@ -26,17 +27,22 @@
             <li<%= sidebar_current("docs-secrethub-resource-secret") %>>
               <a href="/docs/providers/secrethub/r/secret.html">secrethub_secret</a>
             </li>
+            <li<%= sidebar_current("docs-secrethub-resource-access-rule") %>>
+              <a href="/docs/providers/secrethub/r/access_rule.html">secrethub_access_rule</a>
+            </li>
             <li<%= sidebar_current("docs-secrethub-resource-service") %>>
               <a href="/docs/providers/secrethub/r/service.html">secrethub_service</a>
             </li>
-			<li<%= sidebar_current("docs-secrethub-resource-service-aws") %>>
+            <li<%= sidebar_current("docs-secrethub-resource-service-aws") %>>
               <a href="/docs/providers/secrethub/r/service_aws.html">secrethub_service_aws</a>
-		    </li>
-            <li<%= sidebar_current("docs-secrethub-resource-access-rule") %>>
-              <a href="/docs/providers/secrethub/r/access_rule.html">secrethub_service</a>
             </li>
+            <li<%= sidebar_current("docs-secrethub-resource-service-gcp") %>>
+              <a href="/docs/providers/secrethub/r/service_gcp.html">secrethub_service_gcp</a>
+            </li>
+
           </ul>
         </li>
+
       </ul>
     </div>
   <% end %>