Warning: file_get_contents(/data/phpspider/zhask/data//catemap/8/api/5.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Terraform 地形资源aws_elastic_beanstalk_环境和敏感数据_Terraform - Fatal编程技术网

Terraform 地形资源aws_elastic_beanstalk_环境和敏感数据

Terraform 地形资源aws_elastic_beanstalk_环境和敏感数据,terraform,Terraform,我有一个beanstalk模块,它有一个用于aws_elastic_beanstalk_环境的地形资源,该环境从地图加载环境变量 resource "aws_elastic_beanstalk_environment" "default" { name = module.label.id ... ... dynamic "setting" { for_each = var.en

我有一个beanstalk模块,它有一个用于aws_elastic_beanstalk_环境的地形资源,该环境从地图加载环境变量

resource "aws_elastic_beanstalk_environment" "default" {
  name                   = module.label.id
  ...
  ...
  dynamic "setting" {
    for_each = var.env_vars
    content {
      namespace = "aws:elasticbeanstalk:application:environment"
      name      = setting.key
      value     = setting.value
      resource  = ""
    }
  }
  ... 
我还从数据源aws_secretsmanager_secret加载机密,并将它们传递给beanstalk模块

module "web-secrets" {
  source = "../modules/web/secrets" <- just loads secrets was data source aws_secrets_manager_secret
}

module "elastic-beanstalk-environment-lenz" {
  source                             = "../modules/beanstalk/beanstalk"
  ...
  ...

  env_vars = {
    "APPLICATION_NAME"        = "web"
    ...
    ...
    "API_KEY" = module.web-secrets.api_key
  }
}

由于我正在使用Terraform cloud,在将输出返回到屏幕之前,我无法尝试使用tfmask中的另一个实用程序隐藏敏感信息。

通常,您只需将机密的名称作为env变量传递给EB即可。然后在你的应用程序中,你将实际获取秘密的价值。嗨,Marcin,我没有机会让我的开发者在应用程序启动之前从SSM获取秘密。
terraform plan
      ...
      ...
      + setting {
          + name      = "API_KEY"
          + namespace = "aws:elasticbeanstalk:application:environment"
          + value     = "password"
        }
      ...