How to get the data.token from Kubernetes_secret terraform resource

I am trying to access the Kubernetes_secret data.token attribute in terraform, but I keep on getting the error:

Resource 'data.kubernetes_secret.misp_whitelist_secret' does not have attribute 'data.token' for variable 'data.kubernetes_secret.misp_whitelist_secret.data.token'

What's the way to resolve this issue?

resource "kubernetes_service_account" "misp_whitelist_sa" {
  metadata {
    name = "misp-whitelist-sa"
  }
}

data "kubernetes_secret" "misp_whitelist_secret" {
  metadata {
    name      = "${kubernetes_service_account.misp_whitelist_sa.default_secret_name}"
    namespace = "${kubernetes_service_account.misp_whitelist_sa.metadata.0.namespace}"
  }
  depends_on = [
    "kubernetes_service_account.misp_whitelist_sa",
  ]
}

And I'm trying to access the data.token inside the terraform google_cloud_function resource:

resource "google_cloudfunctions_function" "misp_whitelist_function" {
  name    = "${var.cluster}-misp-whitelist"
  ....<additional data> .....
  environment_variables = {
    CLUSTER = "${var.cluster}"
    PROJECT = "${var.project}"
    AUTH = "${data.kubernetes_secret.misp_whitelist_secret.data.token}"
  }
}

The correct way to access the data key is:

AUTH = "${data.kubernetes_secret.misp_whitelist_secret.data["token"]}"

Ok, banged my head against a wall here for a really long time. The other answer is correct, but skips a crucial step.

You need to make sure that the secret declares the correct type (and also maybe specify the annotation?)

resource "kubernetes_secret" "vault" {
  metadata {
    name = "vault-token"
    annotations = {
      "kubernetes.io/service-account.name" = "vault"
    }
  }

  type = "kubernetes.io/service-account-token" // THIS!
}

Then, once you have the proper type specified, you can use the token:

output "token" {
  value = kubernetes_secret.vault.data.token
}
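
The two answers combined into one configuration, as an added example that is not part of the original posts. It assumes Terraform 0.12+ syntax and an already configured kubernetes provider; the secret name and the "default" namespace are constructed for illustration.

```hcl
# Added example, not code from the question or the answers.
# The service account from the question.
resource "kubernetes_service_account" "misp_whitelist_sa" {
  metadata {
    name      = "misp-whitelist-sa"
    namespace = "default" # assumed namespace
  }
}

# Explicit token secret bound to that service account. Kubernetes 1.24+
# no longer auto-creates a token secret per service account, so the
# secret is declared here with the type and annotation from the second
# answer instead of relying on default_secret_name.
resource "kubernetes_secret" "misp_whitelist_token" {
  metadata {
    name      = "misp-whitelist-sa-token" # constructed name
    namespace = kubernetes_service_account.misp_whitelist_sa.metadata[0].namespace

    annotations = {
      # Binds the token to the service account by name.
      "kubernetes.io/service-account.name" = kubernetes_service_account.misp_whitelist_sa.metadata[0].name
    }
  }

  type = "kubernetes.io/service-account-token"
}

# "data" is a map, so the key is read with index syntax, as in the first
# answer. The provider marks "data" as sensitive, so an output that
# exposes it has to be declared sensitive as well.
output "misp_whitelist_token" {
  value     = kubernetes_secret.misp_whitelist_token.data["token"]
  sensitive = true
}

# sensitive = true only hides the value in plan and apply output. The
# token is still written in plaintext to the Terraform state, and to any
# resource argument it is passed to (such as the Cloud Function
# environment variable in the question), so restrict access to both.
```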
