dcos_security_secret_service_account_secret

Data Resource: dcos_security_secret_service_account_secret

Computes the contents for the service account secret

Example Usage

# Create a private key using an external provider (eg. tls)
resource "tls_private_key" "service_account_key" {
  algorithm = "RSA"
  rsa_bits  = "2048"
}

# Pass the private key and the user account to the resource
data "dcos_security_secret_service_account_secret" "service_account" {
    uid            = "user-login"
    private_key    = "${tls_private_key.service_account_key.private_key_pem}"
}

# Handle the contents (eg. upload to a secret)
resource "dcos_security_secret" "service_account_secret" {
  path = "my-service/service-account"
  value = "${data.dcos_security_secret_service_account_secret.contents}"
}

Argument Reference

The following arguments are supported

  • private_key (Required) The PEM-encoded contents of a private key. This can be either a PKCS1 private key or PKCS8 private key without password. Any other type will be rejected.
  • uid (Required) The user ID.
  • login_endpoint (Required) Override the default login endpoint that will be used by the service.
  • contents (Output Only) This is an output (read-only) variable with the contents of the service account secret. This value can be safely uploaded to a service account secret and later used by the service in DC/OS.