Fatal编程技术网
  • terraform/
  • IBMCloud和terraform:如何创建和下载API密钥?

IBMCloud和terraform:如何创建和下载API密钥?

terraform ibm-cloud

IBMCloud和terraform:如何创建和下载API密钥?,terraform,ibm-cloud,ibm-iam,terraform-provider-ibm,Terraform,Ibm Cloud,Ibm Iam,Terraform Provider Ibm,有了它就有可能 我还成功创建了一个服务ID resource "ibm_iam_service_id" "serviceID" { name = "test" description = "New ServiceID" } 如何创建API密钥,下载它并使用它在服务ID下运行下一个terraform应用程序?以及最近更新的功能 旧的 这个任务有点棘手,因为插件不返回 有两种选择。一种是使用带有c

有了它就有可能

我还成功创建了一个服务ID

resource "ibm_iam_service_id" "serviceID" {
  name        = "test"
  description = "New ServiceID"
}
如何创建API密钥,下载它并使用它在服务ID下运行下一个
terraform应用程序

以及最近更新的功能

旧的 这个任务有点棘手,因为插件不返回

有两种选择。一种是使用带有curljq的空资源

  • 首先获取服务ID详细信息,包括iam_ID
  • 然后,通过POST创建API密钥
    • 1的一个片段。可能是这样的:

    resource "null_resource" "devops_iam_id" {
  // Get iam_id for service ID
  provisioner "local-exec" {
    command = "curl -X GET 'https://iam.cloud.ibm.com/v1/serviceids/${ibm_iam_service_id.myServiceID.id}' -H 'Authorization: ${data.ibm_iam_auth_token.iam_tokendata.iam_access_token}' -H 'Content-Type: application/json' | jq '.iam_id'"
  }
}
    另一种选择是利用iam_id似乎只是前缀
    iam-
    ,后跟唯一id这一事实。因此,以下内容适合我:

    // Create a service ID for devops tasks
    resource "ibm_iam_service_id" "myServiceID" {
      name        = "myServiceID"
      description = "ServiceID for deploying the app and devops tasks"
    
      // create and download API key
      provisioner "local-exec" {
        command = "curl -X POST 'https://iam.cloud.ibm.com/v1/apikeys' -H 'Authorization: ${data.ibm_iam_auth_token.iam_tokendata.iam_access_token}' -H 'Content-Type: application/json' -d '{ \"name\":\"henrikTestKey\", \"iam_id\":\"iam-${ibm_iam_service_id.myServiceID.id}\", \"store_value\": true}' > apikeyOutput.json"
      }
    }
    更新:通过此操作,将返回iam_id,并可直接寻址:

    // Create a service ID for devops tasks
    resource "ibm_iam_service_id" "myServiceID" {
      name        = "myServiceID"
      description = "ServiceID for deploying the app and devops tasks"
    
      // create and download API key
      provisioner "local-exec" {
        command = "curl -X POST 'https://iam.cloud.ibm.com/v1/apikeys' -H 'Authorization: ${data.ibm_iam_auth_token.iam_tokendata.iam_access_token}' -H 'Content-Type: application/json' -d '{ \"name\":\"henrikTestKey\", \"iam_id\":\"${ibm_iam_service_id.myServiceID.id}\", \"store_value\": true}' > apikeyOutput.json"
      }
    }
    必要的承载令牌可通过以下方式获得:

    这不是答案吗@pijemcolu不确定这与IAM服务ID的API键有何关系?代码段也在 
    // Create a service ID for devops tasks
    resource "ibm_iam_service_id" "myServiceID" {
      name        = "myServiceID"
      description = "ServiceID for deploying the app and devops tasks"
    
      // create and download API key
      provisioner "local-exec" {
        command = "curl -X POST 'https://iam.cloud.ibm.com/v1/apikeys' -H 'Authorization: ${data.ibm_iam_auth_token.iam_tokendata.iam_access_token}' -H 'Content-Type: application/json' -d '{ \"name\":\"henrikTestKey\", \"iam_id\":\"${ibm_iam_service_id.myServiceID.id}\", \"store_value\": true}' > apikeyOutput.json"
      }
    }


    data "ibm_iam_auth_token" "tokendata" {}