IBMCloud和terraform:如何创建和下载API密钥?
有了它就有可能 我还成功创建了一个服务IDIBMCloud和terraform:如何创建和下载API密钥?,terraform,ibm-cloud,ibm-iam,terraform-provider-ibm,Terraform,Ibm Cloud,Ibm Iam,Terraform Provider Ibm,有了它就有可能 我还成功创建了一个服务ID resource "ibm_iam_service_id" "serviceID" { name = "test" description = "New ServiceID" } 如何创建API密钥,下载它并使用它在服务ID下运行下一个terraform应用程序?以及最近更新的功能 旧的 这个任务有点棘手,因为插件不返回 有两种选择。一种是使用带有c
resource "ibm_iam_service_id" "serviceID" {
name = "test"
description = "New ServiceID"
}
如何创建API密钥,下载它并使用它在服务ID下运行下一个
terraform应用程序
?以及最近更新的功能
旧的
这个任务有点棘手,因为插件不返回
有两种选择。一种是使用带有curl和jq的空资源
resource "null_resource" "devops_iam_id" {
// Get iam_id for service ID
provisioner "local-exec" {
command = "curl -X GET 'https://iam.cloud.ibm.com/v1/serviceids/${ibm_iam_service_id.myServiceID.id}' -H 'Authorization: ${data.ibm_iam_auth_token.iam_tokendata.iam_access_token}' -H 'Content-Type: application/json' | jq '.iam_id'"
}
}
另一种选择是利用iam_id似乎只是前缀iam-
,后跟唯一id这一事实。因此,以下内容适合我:
// Create a service ID for devops tasks
resource "ibm_iam_service_id" "myServiceID" {
name = "myServiceID"
description = "ServiceID for deploying the app and devops tasks"
// create and download API key
provisioner "local-exec" {
command = "curl -X POST 'https://iam.cloud.ibm.com/v1/apikeys' -H 'Authorization: ${data.ibm_iam_auth_token.iam_tokendata.iam_access_token}' -H 'Content-Type: application/json' -d '{ \"name\":\"henrikTestKey\", \"iam_id\":\"iam-${ibm_iam_service_id.myServiceID.id}\", \"store_value\": true}' > apikeyOutput.json"
}
}
更新:通过此操作,将返回iam_id,并可直接寻址:
// Create a service ID for devops tasks
resource "ibm_iam_service_id" "myServiceID" {
name = "myServiceID"
description = "ServiceID for deploying the app and devops tasks"
// create and download API key
provisioner "local-exec" {
command = "curl -X POST 'https://iam.cloud.ibm.com/v1/apikeys' -H 'Authorization: ${data.ibm_iam_auth_token.iam_tokendata.iam_access_token}' -H 'Content-Type: application/json' -d '{ \"name\":\"henrikTestKey\", \"iam_id\":\"${ibm_iam_service_id.myServiceID.id}\", \"store_value\": true}' > apikeyOutput.json"
}
}
必要的承载令牌可通过以下方式获得:
这不是答案吗@pijemcolu不确定这与IAM服务ID的API键有何关系?代码段也在
// Create a service ID for devops tasks
resource "ibm_iam_service_id" "myServiceID" {
name = "myServiceID"
description = "ServiceID for deploying the app and devops tasks"
// create and download API key
provisioner "local-exec" {
command = "curl -X POST 'https://iam.cloud.ibm.com/v1/apikeys' -H 'Authorization: ${data.ibm_iam_auth_token.iam_tokendata.iam_access_token}' -H 'Content-Type: application/json' -d '{ \"name\":\"henrikTestKey\", \"iam_id\":\"${ibm_iam_service_id.myServiceID.id}\", \"store_value\": true}' > apikeyOutput.json"
}
}
data "ibm_iam_auth_token" "tokendata" {}