Make the deployer service account be optional

[EronWright]

It would be nice if the script could be used without requiring that a powerful service account be created (service_account_key var). What is the justification for such an account? The instructions would be simpler if one could simply use their own account.

The underlying Google provider for TF supports various options for credentials; one option is simply to use the Application Default Credentials, which may make it possible to directly use the user identity (via gcloud auth application-default login) (more information).

Suggestion: allow more flexible configuration of the credentials block of the google provider.

[jasonbisson]

+1 If it's a greenfield environment running the Terraform execution on the GCP platform provides the option to remove the service key.