From ff51fcdbf35de2ba5bab3ba6ec54707911f5fce6 Mon Sep 17 00:00:00 2001
From: Chris ter Beke <1134120+ChrisTerBeke@users.noreply.github.com>
Date: Wed, 22 May 2024 22:49:03 +0200
Subject: [PATCH] Add nomad WIF

---
 wif.tf | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 wif.tf

diff --git a/wif.tf b/wif.tf
new file mode 100644
index 0000000..111f1b8
--- /dev/null
+++ b/wif.tf
@@ -0,0 +1,18 @@
+resource "google_iam_workload_identity_pool" "nomad" {
+  workload_identity_pool_id = "nomad"
+}
+
+resource "google_iam_workload_identity_pool_provider" "nomad" {
+  workload_identity_pool_id          = google_iam_workload_identity_pool.nomad.workload_identity_pool_id
+  workload_identity_pool_provider_id = "nomad"
+  display_name                       = "Nomad Workloads"
+
+  attribute_mapping = {
+    "google.subject" = "assertion.sub"
+  }
+
+  oidc {
+    allowed_audiences = ["gcp"]
+    issuer_uri        = "https://nomad.christerbeke.com"
+  }
+}