Terraform: retrieving an existing GCP secret as data

Time: 2020-04-01 14:24:56

Tags: google-cloud-platform terraform terraform-provider-gcp google-secret-manager

Trying to implement a data module for referencing a "robot account" for Terraform.

I get the following errors:

Error: Reference to undeclared resource

  on main.tf line 7, in provider "google":
   7:   credentials   = data.google_secret_manager_secret_version.secret

A data resource "google_secret_manager_secret_version" "secret" has not been
declared in the root module.
Error: Reference to undeclared input variable

  on datamodule\KeydataModule.tf line 3, in data "google_secret_manager_secret_version" "secret":
   3:   secret = "${var.Terra_Auth}"

An input variable with the name "Terra_Auth" has not been declared. This
variable can be declared with a variable "Terra_Auth" {} block.

Using the following main.tf:

module "KeydataModule" {
  source = "./datamodule"

}

provider "google" {
  credentials   = data.google_secret_manager_secret_version.secret
  project       = "KubeProject"
  region        = "us-central1"
  zone          = "us-central1-c"
}

resource "google_compute_instance" "vm_instance" {
  name         = "terraform-instance"
  machine_type = "f1-micro"

  boot_disk {
    initialize_params {
      image = "ubuntu-cloud/ubuntu-1804-lts"
    }
  }

  network_interface {
    # A default network is created for all GCP projects
    network       = google_compute_network.vpc_network.self_link
    access_config {
    }
  }
}

resource "google_compute_network" "vpc_network" {
  name                    = "terraform-network"
  auto_create_subnetworks = "true"
}

keydataModule.tf

data "google_secret_manager_secret_version" "secret" {
  provider = google-beta
  secret = "${var.Terra_Auth}"
}

The following variables.tf is used to create the "Terra Auth" variable:

variable "Terra_Auth" {
   type = string
   description = "Access Key for Terraform Service Account" 
}

And finally a terraform.tfvars file, which in this case holds the name of the secret in my GCP account:

Terra_Auth = "Terraform_GCP_Account_Secret" 
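
Both errors quoted above are module-scoping errors: a data source declared in ./datamodule is not addressable from the root module, and a variable declared only in the root is not visible inside the child module. One corrected layout, as an added example that is not part of the original question; the output name terraform_sa_key is hypothetical, and it is assumed that google-beta authenticates separately (for example with Application Default Credentials).

```hcl
# --- datamodule/variables.tf ---
# The variable must be declared inside the module that reads it.
variable "Terra_Auth" {
  type        = string
  description = "Name of the Secret Manager secret holding the service account key"
}

# --- datamodule/KeydataModule.tf ---
data "google_secret_manager_secret_version" "secret" {
  provider = google-beta
  secret   = var.Terra_Auth
}

# Data read in a child module reaches the root only through an output.
# "terraform_sa_key" is a hypothetical name chosen for this example.
output "terraform_sa_key" {
  value     = data.google_secret_manager_secret_version.secret.secret_data
  sensitive = true
}

# --- main.tf (root module) ---
# Root-level declaration, populated from terraform.tfvars.
variable "Terra_Auth" {
  type        = string
  description = "Name of the Secret Manager secret holding the service account key"
}

# Assumption: google-beta gets credentials from the environment, because it
# has to read the secret before the key for the google provider is available.
provider "google-beta" {
  project = "KubeProject"
  region  = "us-central1"
}

module "KeydataModule" {
  source     = "./datamodule"
  Terra_Auth = var.Terra_Auth # pass the root variable into the module
}

provider "google" {
  # The provider wants the key contents (a string), not the data source object.
  credentials = module.KeydataModule.terraform_sa_key
  project     = "KubeProject"
  region      = "us-central1"
  zone        = "us-central1-c"
}
```

The value of secret_data is stored in the Terraform state in plain text, so the state backend needs the same access controls as the secret itself.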

0 answers:

No answers