search

Terraform Scripts

hashtag
Overview

Choose the deployment model that best fits your organization's needs:

hashtag
Option 1: Centralized Service Accounts

Best for: Organizations that prefer centralized identity management

Architecture

  • All service accounts are created in a single centralized project

  • Each service account is granted permissions in its corresponding project

  • One Workload identity pool shared across all projects

Benefits

  • Centralized management and auditing

  • Easier to track and manage all Teleskope service accounts

file-archive
3KB
centralized-svc-accts.zip
archive
arrow-up-right-from-squareOpen

hashtag
Option 2: Per-Project Service Accounts

Best for: Organizations that prefer project-level isolation and want service accounts to reside in the same project where they're used

Architecture

  • Service Accounts are created in each project

  • Workload Identity pools are created per project

  • Each project has its own isolated identity configuration

Benefits

  • Complete project-level isolation

  • Service accounts live alongside the resources they access

file-archive
2KB
per-proj-svc-accts.zip
archive
arrow-up-right-from-squareOpen
PreviousBigQueryNextCloud Storage

Last updated

Was this helpful?