Skip to content

imagepull-apikey-secrets-manager

Directory actions

More options

Directory actions

More options

Latest commit

 

History

History
 
 

imagepull-apikey-secrets-manager

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
README.md
README.md
 
 
main.tf
main.tf
 
 
outputs.tf
outputs.tf
 
 
variables.tf
variables.tf
 
 
version.tf
version.tf
 
 

README.md

ImagePull API key Secrets Manager

This module generate and store a service ID API key in IBM Cloud Secrets Manager that can be used in an imagePullSecret for pulling images from an IBM Container Registry. For more information about image pull secrets, see Creating an image pull secret in "Setting up an image registry" in Cloud docs.

Requirements

Name Version
terraform >= v1.0.0
ibm >= 1.83.0, < 2.0.0
time >= 0.9.1, < 1.0.0

Modules

Name Source Version
dynamic_serviceid_apikey terraform-ibm-modules/iam-serviceid-apikey-secrets-manager/ibm 1.2.0

Resources

Name Type
ibm_iam_service_id.image_secret_pull_service_id resource
ibm_iam_service_policy.cr_policy resource
time_sleep.wait_30_seconds_for_creation resource
time_sleep.wait_30_seconds_for_destruction resource

Inputs

Name Description Type Default Required
cr_namespace_name Container registry namespace name to be configured in IAM policy. string n/a yes
region Region where resources will be sourced / created string n/a yes
resource_group_id The resource group ID in which the container registry namespace exists (used in IAM policy configuration). string n/a yes
secrets_manager_guid Secrets manager instance GUID where secrets will be stored or fetched from string n/a yes
service_id_description Description to be used for ServiceID. string "ServiceId used to access container registry" no
service_id_name Name to be used for ServiceID. string "sid:0.0.1:image-secret-pull:automated:simple-service:container-registry:" no
service_id_secret_description Description to be used for ServiceID API Key. string "API Key associated with image pull serviceid" no
service_id_secret_group_id Secret Group ID of SM IAM secret where Service ID apikey will be stored. Leave default (null) to add in default secret-group. string null no
service_id_secret_name Name of SM IAM secret (dynamic ServiceID API Key) to be created. string "image-pull-iam-secret" no

Outputs

Name Description
secret_manager_guid GUI of Secrets-Manager containing secret
serviceid_apikey_secret_id ID of the Secret Manager Secret containing ServiceID API Key
serviceid_name Name of the ServiceID created to access Container Registry