Difference between revisions of "Terraform resource: aws iam access key"

From wikieduonline
Jump to navigation Jump to search
 
(13 intermediate revisions by 2 users not shown)
Line 1: Line 1:
* https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key
+
* <code>[[aws_iam_access_key]]</code> <ref>https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key</ref>
 +
 
 +
== Examples ==
 +
 
 +
 
 +
{{aws_iam_user_aws_iam_access_key_aws_iam_smtp_password_v4}}
 +
 
  
Examples:
 
 
  resource "aws_iam_access_key" "your_lb" {
 
  resource "aws_iam_access_key" "your_lb" {
 
   user    = aws_iam_user.lb.name
 
   user    = aws_iam_user.lb.name
Line 9: Line 14:
 
  resource "aws_iam_access_key" "your_lb" {
 
  resource "aws_iam_access_key" "your_lb" {
 
   user    = aws_iam_user.lb.name
 
   user    = aws_iam_user.lb.name
   secret = XXX
+
   secret<ref>https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key#secret</ref> = XXX
 
  }
 
  }
 +
 +
 +
secret
 +
Secret access key. This attribute is not available for imported resources. Note that this will be written to the state file. If you use this, please protect your backend state file judiciously. Alternatively, you may supply a [[pgp_key]] instead, which will prevent the secret from being stored in plaintext, at the cost of preventing the use of the secret key in automation.
 +
 +
[[terraform state pull]] | [[jq]] '.resources[] | select(.type == "[[aws_iam_access_key]]") | .instances[0].attributes' <ref>https://stackoverflow.com/questions/59473690/how-to-extract-sensitive-output-variables-in-terraform</ref>
 +
 +
== Related ==
 +
* <code>[[terraform console]]</code>
 +
* [[Dynamic Credentials with the AWS Provider]]
  
 
== See also ==
 
== See also ==
 +
* {{aws_iam_user}}
 
* {{Terraform aws iam resources}}
 
* {{Terraform aws iam resources}}
  
 
[[Category:Terraform]]
 
[[Category:Terraform]]

Latest revision as of 16:02, 10 October 2024

Examples[edit]

 resource "aws_iam_user" "test" {
  name = "test"
  path = "/test/"
}

resource "aws_iam_access_key" "test" {
  user = aws_iam_user.test.name
}

output "aws_iam_smtp_password_v4" {
  value = aws_iam_access_key.test.ses_smtp_password_v4
}


resource "aws_iam_access_key" "your_lb" {
  user    = aws_iam_user.lb.name
  pgp_key = "keybase:some_person_that_exists"
}
resource "aws_iam_access_key" "your_lb" {
  user    = aws_iam_user.lb.name
  secret[2] = XXX
}


secret
Secret access key. This attribute is not available for imported resources. Note that this will be written to the state file. If you use this, please protect your backend state file judiciously. Alternatively, you may supply a pgp_key instead, which will prevent the secret from being stored in plaintext, at the cost of preventing the use of the secret key in automation.
terraform state pull | jq '.resources[] | select(.type == "aws_iam_access_key") | .instances[0].attributes' [3]

Related[edit]

See also[edit]

  • https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key
  • https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key#secret
  • https://stackoverflow.com/questions/59473690/how-to-extract-sensitive-output-variables-in-terraform
  • Advertising: