I am using Terraform aws
provider and I want create IAM user access key using aws_iam_access_key{}
resource. But I don’t know how to retrieve the secret key. I create the resource like this:
resource "aws_iam_access_key" "main_user_access_key" {
user = aws_iam_user.main_user.name
}
And then I use Terraform output block like that:
output "main_user_secret_key" {
value = aws_iam_access_key.main_user_access_key.encrypted_ses_smtp_password_v4
sensitive = true
}
And use another Terraform output block in the root module:
output "main_module_outputs" {
value = module.main
}
But after doing all these steps all I get of output is "tostring(null)"
"main_user_secret_key" = tostring(null)
Has anyone encountered similar problem ? What am I doing wrong and how could this be solved ?
2
Answers
The problem was me not specifying the
pgp_key
argument and usingencrypted_ses_smtp_password_v4
attribute instead ofencrypted_secret
in the output. I did not read the documentation carefully telling that the attribute will only be generated ifpgp_key
is specified.Things seem to be working now and the secret key gets generated.
The
pgp_key
argument in theaws_iam_access_key
resource encrypts the secret access key using a PGP (Pretty Good Privacy) key. so when you include apgp_key
, Terraform provides encrypted versions of the secret key through attributes likeencrypted_secret
.This will normally solve it out.