I am trying to use HMAC credentials for Cloud Object Storage/S3 in Terraform but seeing this error.
Error: Unsupported attribute
on main.tf line 56, in resource "ibm_cos_bucket" "sink_bucket":
56: ACCESS_KEY = ibm_resource_key.cos_key.credentials.cos_hmac_keys.access_key_id
This value does not have any attributes.
Error: Unsupported attribute
on main.tf line 57, in resource "ibm_cos_bucket" "sink_bucket":
57: SECRET_ACCESS_KEY = ibm_resource_key.cos_key.credentials.cos_hmac_keys.secret_access_key
This value does not have any attributes.
I have generated COS HMAC credentials by setting HMAC=true while creating the cos_key
resource ibm_resource_key cos_key {
name = "${var.basename}-cos-key"
resource_instance_id = ibm_resource_instance.cos.id
role = "Writer"
parameters = {
service-endpoints = "private"
HMAC = true
}
}
When I check the terraform.tstate file, I see the credentials as below
"cos_key": {
"value": {
"credentials": {
"apikey": "muydB9TyqWr9_aCmFlSRSu-JG3J3PPzXcxxxxxxx",
"cos_hmac_keys.access_key_id": "e0892b46cfe1411cxxxxxx0",
"cos_hmac_keys.secret_access_key": "8520aca8680e3e930f74a8869xxxxxx8a27a6",
...
}
}
}
This is what worked for me
provisioner "local-exec" {
command = "echo 'Credentials for MINIO client...'"
environment = {
ACCESS_KEY = ibm_resource_key.cos_key.credentials["cos_hmac_keys.access_key_id"]
SECRET_ACCESS_KEY = ibm_resource_key.cos_key.credentials["cos_hmac_keys.secret_access_key"]
COS_REGION = var.region
COS_BUCKET_NAME = ibm_cos_bucket.sink_bucket.bucket_name
}
}
The problem here is custom json properties that inclue dots(.)like cos_hmac_keys.access_key_id. Terraform throws error until you use the below notation
credentials["cos_hmac_keys.access_key_id"]