Fatal编程技术网

Terraform provider aws 如何为AWS CodeCommit生成HTTPS Git凭据?

Terraform provider aws 如何为AWS CodeCommit生成HTTPS Git凭据?,terraform-provider-aws,Terraform Provider Aws,我使用terraform创建IAM用户。 如何使用terraform为AWS CodeCommit生成HTTPS Git凭据 我的代码: resource "aws_iam_user" "gitlab" { name = "user-gitlab" } resource "aws_iam_policy_attachment" "gitlab" { name = "iam-gitlab" users = ["${aws_iam_user.gitlab.name}

我使用terraform创建IAM用户。 如何使用terraform为AWS CodeCommit生成HTTPS Git凭据

我的代码:

resource "aws_iam_user" "gitlab" {
  name = "user-gitlab"
}

resource "aws_iam_policy_attachment" "gitlab" {
  name       = "iam-gitlab"
  users      = ["${aws_iam_user.gitlab.name}"]
  policy_arn = "arn:aws:iam::aws:policy/AWSCodeCommitPowerUser"
}
不幸的是,Terraform中似乎不支持此API。我建议您在中发布功能请求。

不幸的是,Terraform中似乎不支持此API。我建议您在中发布功能请求。

使用data.external执行CLI脚本:

credentials=$(aws --profile dev iam list-service-specific-credentials \
  --user-name jenkins --service-name codecommit.amazonaws.com --query 'ServiceSpecificCredentials[0]')

if [[ $credentials == "null" ]]; then
  credentials=$(aws --profile dev iam create-service-specific-credential --user-name jenkins \
  --service-name codecommit.amazonaws.com --query ServiceSpecificCredential)
fi
echo "$credentials"
然后地形:

data "external" "jenkins" {
  program = ["${path.root}/jenkins.sh"]
}

resource "aws_ssm_parameter" "jenkins_cc_id" {
  name      = "${local.jenkins}/codecommit_https_user"
  value     = "${lookup(data.external.jenkins.result, "ServiceUserName", "")}"
}

resource "aws_ssm_parameter" "jenkins_cc_p" {
  name      = "${local.jenkins}/codecommit_https_pass"
  value     = "${lookup(data.external.jenkins.result, "ServicePassword", "")}"
}
使用data.external执行CLI脚本:

credentials=$(aws --profile dev iam list-service-specific-credentials \
  --user-name jenkins --service-name codecommit.amazonaws.com --query 'ServiceSpecificCredentials[0]')

if [[ $credentials == "null" ]]; then
  credentials=$(aws --profile dev iam create-service-specific-credential --user-name jenkins \
  --service-name codecommit.amazonaws.com --query ServiceSpecificCredential)
fi
echo "$credentials"
然后地形:

data "external" "jenkins" {
  program = ["${path.root}/jenkins.sh"]
}

resource "aws_ssm_parameter" "jenkins_cc_id" {
  name      = "${local.jenkins}/codecommit_https_user"
  value     = "${lookup(data.external.jenkins.result, "ServiceUserName", "")}"
}

resource "aws_ssm_parameter" "jenkins_cc_p" {
  name      = "${local.jenkins}/codecommit_https_pass"
  value     = "${lookup(data.external.jenkins.result, "ServicePassword", "")}"
}