I am using both the Activity Tracker and Log Analysis services on IBM Cloud, both are based on LogDNA. In order to export logs, e.g., to search them via my scripts, it requires a service key, not the IBM Cloud IAM API key. How can I obtain that key without going through the UI and the LogDNA dashboard? Ideally this is through a REST API or integrated with the Terraform provider.
The service key for Activity Tracker / Log Analysis now seems to be included in the IBM Cloud resource key information. A resource key can be created and existing keys obtained via the Resource Controller API.
This retrieves an existing resource key, including the LogDNA service key:
curl -X GET \
https://resource-controller.cloud.ibm.com/v2/resource_keys/000-my-resource-key-id-0000 \
-H "Authorization: $TOKEN"
Thus, the service key can also be created or retrieved using the IBM Cloud Terraform provider and its Resource Management functions.
data "ibm_resource_instance" "AT_instance" {
name ="ActivityTracker-Henrik-Dallas"
service="logdnaat"
}
data "ibm_resource_key" "AT_rk" {
resource_instance_id=data.ibm_resource_instance.AT_instance.id
name="TESTkey_Dallas"
}
The returned data for AT_rk has an attributes property with credentials. It includes service_key and ingestion_key.