Data Resource: dcos_security_secret_service_account_secret
Computes the contents for the service account secret
Example Usage
# Create a private key using an external provider (eg. tls)
resource "tls_private_key" "service_account_key" {
algorithm = "RSA"
rsa_bits = "2048"
}
# Pass the private key and the user account to the resource
data "dcos_security_secret_service_account_secret" "service_account" {
uid = "user-login"
private_key = "${tls_private_key.service_account_key.private_key_pem}"
}
# Handle the contents (eg. upload to a secret)
resource "dcos_security_secret" "service_account_secret" {
path = "my-service/service-account"
value = "${data.dcos_security_secret_service_account_secret.contents}"
}
Argument Reference
The following arguments are supported
private_key
(Required) The PEM-encoded contents of a private key. This can be either a PKCS1 private key or PKCS8 private key without password. Any other type will be rejected.uid
(Required) The user ID.login_endpoint
(Required) Override the default login endpoint that will be used by the service.contents
(Output Only) This is an output (read-only) variable with the contents of the service account secret. This value can be safely uploaded to a service account secret and later used by the service in DC/OS.