【发布时间】:2020-07-21 07:52:42
【问题描述】:
我有下面的 terraform 模板,它创建一个用户、访问密钥并存储在秘密管理器中。
resource "aws_iam_user" "test" {
name = "test"
}
resource "aws_iam_access_key" "test" {
user = aws_iam_user.test.name
}
resource "aws_secretsmanager_secret" "test" {
name = "credentials"
description = "My credentials"
}
resource "aws_secretsmanager_secret_version" "test" {
secret_id = "${aws_secretsmanager_secret.test.id}"
secret_string = "{\"AccessKey\": data.aws_iam_access_key.test.id,\"SecretAccessKey\": data.aws_iam_access_key.test.secret}"
}
secret_string 中的值未设置。这是正确的用法吗?请帮我设置正确的值
secret_string = "{\"AccessKey\": data.aws_iam_access_key.test.id,\"SecretAccessKey\": data.aws_iam_access_key.test.secret}"
【问题讨论】:
-
您是否尝试将带有 Terraform 导出属性的 JSON 作为
secret_string的参数值传递? -
是的,你是对的。我将
id和secret创建为aws_iam_access_key资源的一部分。我需要将其作为 JSON 传递给secret_string -
试试
secret_string = jsonencode({"AccessKey" = data.aws_iam_access_key.test.id, "SecretAccessKey" = data.aws_iam_access_key.test.secret})"。 -
我收到此错误
Error: Reference to undeclared resource on iam.tf line 16, in resource "aws_secretsmanager_secret_version" "test": 16: secret_string = jsonencode({"AccessKey" = data.aws_iam_access_key.test.id, "SecretAccessKey" = data.aws_iam_access_key.test.secret}) A data resource "aws_iam_access_key" "test" has not been declared in the root module. -
它可以在没有数据的情况下工作
secret_string = jsonencode({"AccessKey" = aws_iam_access_key.test.id, "SecretAccessKey" = aws_iam_access_key.test.secret})
标签: terraform terraform-provider-aws