I am using the Terraform AWS provider and I want to create an IAM user access key using the aws_iam_access_key{} resource, but I don’t know how to retrieve the secret key. I create the resource like this:

resource "aws_iam_access_key" "main_user_access_key" {
  user = aws_iam_user.main_user.name
}

Then I use a Terraform output block like this:

output "main_user_secret_key" {
  value = aws_iam_access_key.main_user_access_key.encrypted_ses_smtp_password_v4
  sensitive = true
}

And I use another Terraform output block in the root module:

output "main_module_outputs" {
  value = module.main
}

But after doing all these steps, all I get as output is "tostring(null)":

"main_user_secret_key" = tostring(null)

Has anyone encountered a similar problem? What am I doing wrong and how could this be solved?

Answers


  1. Chosen as BEST ANSWER

    The problem was me not specifying the pgp_key argument and using the encrypted_ses_smtp_password_v4 attribute instead of encrypted_secret in the output. I did not carefully read the documentation, which says that the attribute will only be generated if pgp_key is specified.

    Things seem to be working now and the secret key gets generated.


  2. The pgp_key argument in the aws_iam_access_key resource encrypts the secret access key using a PGP (Pretty Good Privacy) key. So when you include a pgp_key, Terraform provides encrypted versions of the secret key through attributes like encrypted_secret.

    resource "aws_iam_access_key" "main_user_access_key" {
      user    = aws_iam_user.main_user.name
      # Path to your public PGP key. The provider expects the raw (non-armored)
      # key, base64-encoded, or a "keybase:username" value.
      pgp_key = file("mykey.asc")
    }
    
    output "encrypted_secret_key" {
      value     = aws_iam_access_key.main_user_access_key.encrypted_secret
      sensitive = true
    }
    

    This will normally solve it.
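
The shell steps on either side of the `pgp_key` / `encrypted_secret` pair from the answers above, as an added example that is not part of either answer: preparing the public key in the form the provider accepts, and turning the output back into the secret access key. It assumes `gpg`, `base64` and `terraform` are on PATH, that `encrypted_secret_key` is declared as a root-module output, and that the key ID is your own; the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example (not from the original page). Function names are hypothetical.

# Step 1: build the value for pgp_key.
# The AWS provider wants the raw binary public key, base64-encoded,
# so export WITHOUT --armor and strip the line wrapping base64 adds.
export_pgp_key() {
  local key_id="$1"
  gpg --export "$key_id" | base64 | tr -d '\n'
}

# Step 2: after `terraform apply`, encrypted_secret is a base64-encoded
# PGP message. Decode it and decrypt with the matching private key.
decrypt_secret() {
  local output_name="$1" blob
  blob="$(terraform output -raw "$output_name")" || return 1
  # An empty or null output is the symptom from the question:
  # the encrypted attribute is only populated when pgp_key is set.
  if [ -z "$blob" ] || [ "$blob" = "null" ]; then
    echo "output '$output_name' is empty: is pgp_key set on the resource?" >&2
    return 2
  fi
  # Plaintext goes to stdout only; pipe it into a secrets manager
  # rather than redirecting it to a file.
  printf '%s' "$blob" | base64 -d | gpg --quiet --decrypt
}

# Usage (key ID is a placeholder):
#   export_pgp_key "YOUR_KEY_ID" > mykey.b64   # then pgp_key = file("mykey.b64")
#   terraform apply
#   decrypt_secret encrypted_secret_key
```

With `pgp_key` set, only the holder of the private key can recover the secret; the value stored in Terraform state is the encrypted one.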
