feat/implement-sa-keys (#720)

* feat: implement service account key resource

Author: h3adex

docs/resources/service_account_key.md

@@ -0,0 +1,82 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "stackit_service_account_key Resource - stackit"
+subcategory: ""
+description: |-
+  Service account key schema.
+  ~> This resource is in beta and may be subject to breaking changes in the future. Use with caution. See our guide https://registry.terraform.io/providers/stackitcloud/stackit/latest/docs/guides/opting_into_beta_resources for how to opt-in to use beta resources.
+  Example Usage
+  Automatically rotate service account keys
+  
+  resource "stackit_service_account" "sa" {
+    project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
+    name       = "sa01"
+  }
+  
+  resource "time_rotating" "rotate" {
+    rotation_days = 80
+  }
+  
+  resource "stackit_service_account_key" "sa_key" {
+    project_id            = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
+    service_account_email = stackit_service_account.sa.email
+    ttl_days              = 90
+  
+    rotate_when_changed = {
+      rotation = time_rotating.rotate.id
+    }	
+  }
+---
+
+# stackit_service_account_key (Resource)
+
+Service account key schema.
+
+~> This resource is in beta and may be subject to breaking changes in the future. Use with caution. See our [guide](https://registry.terraform.io/providers/stackitcloud/stackit/latest/docs/guides/opting_into_beta_resources) for how to opt-in to use beta resources.
+## Example Usage
+
+
+### Automatically rotate service account keys
+```terraform
+resource "stackit_service_account" "sa" {
+  project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
+  name       = "sa01"
+}
+
+resource "time_rotating" "rotate" {
+  rotation_days = 80
+}
+
+resource "stackit_service_account_key" "sa_key" {
+  project_id            = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
+  service_account_email = stackit_service_account.sa.email
+  ttl_days              = 90
+
+  rotate_when_changed = {
+    rotation = time_rotating.rotate.id
+  }	
+}
+
+```
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `project_id` (String) The STACKIT project ID associated with the service account key.
+- `service_account_email` (String) The email address associated with the service account, used for account identification and communication.
+
+### Optional
+
+- `public_key` (String) Specifies the public_key (RSA2048 key-pair). If not provided, a certificate from STACKIT will be used to generate a private_key.
+- `rotate_when_changed` (Map of String) A map of arbitrary key/value pairs designed to force key recreation when they change, facilitating key rotation based on external factors such as a changing timestamp. Modifying this map triggers the creation of a new resource.
+- `ttl_days` (Number) Specifies the key's validity duration in days. If left unspecified, the key is considered valid until it is deleted
+
+### Read-Only
+
+- `id` (String) Terraform's internal resource identifier. It is structured as "`project_id`,`service_account_email`,`key_id`".
+- `json` (String, Sensitive) The raw JSON representation of the service account key json, available for direct use.
+- `key_id` (String) The unique identifier for the key associated with the service account.

stackit/internal/services/serviceaccount/key/const.go

@@ -0,0 +1,26 @@
+package key
+
+const markdownDescription = `
+## Example Usage` + "\n" + `
+
+### Automatically rotate service account keys` + "\n" +
+	"```terraform" + `
+resource "stackit_service_account" "sa" {
+  project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
+  name       = "sa01"
+}
+
+resource "time_rotating" "rotate" {
+  rotation_days = 80
+}
+
+resource "stackit_service_account_key" "sa_key" {
+  project_id            = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
+  service_account_email = stackit_service_account.sa.email
+  ttl_days              = 90
+
+  rotate_when_changed = {
+    rotation = time_rotating.rotate.id
+  }	
+}
+` + "\n```"