From 3808d8a84517742d4d267a7132f0bc7266f991ce Mon Sep 17 00:00:00 2001 From: Ranbel Sun Date: Mon, 25 Nov 2024 17:24:35 -0500 Subject: [PATCH 1/2] add service token vault example --- .../access/create-service-token.mdx | 71 ++++++++++++------- 1 file changed, 46 insertions(+), 25 deletions(-) diff --git a/src/content/partials/cloudflare-one/access/create-service-token.mdx b/src/content/partials/cloudflare-one/access/create-service-token.mdx index 3934f7e169045b..2d639350c17ba1 100644 --- a/src/content/partials/cloudflare-one/access/create-service-token.mdx +++ b/src/content/partials/cloudflare-one/access/create-service-token.mdx @@ -3,7 +3,7 @@ --- -import { Tabs, TabItem } from '~/components'; +import { Tabs, TabItem, Details } from '~/components'; @@ -32,35 +32,56 @@ import { Tabs, TabItem } from '~/components'; ```tf resource "cloudflare_zero_trust_access_service_token" "example_service_token" { - account_id = var.cloudflare_account_id - name = "Example service token" - duration = "8760h" - } - ``` + account_id = var.cloudflare_account_id + name = "Example service token" + duration = "8760h" -3. Output the Client ID and Client Secret to the Terraform state file: - - ```tf - output "example_service_token_client_id" { - value = cloudflare_zero_trust_access_service_token.example_service_token.client_id + lifecycle { + create_before_destroy = true + } } + ``` - output "example_service_token_client_secret" { - value = cloudflare_zero_trust_access_service_token.example_service_token.client_secret - sensitive = true +3. To output the Client ID and Client Secret of the service token: + +
+ 1. Output the Client ID and Client Secret to the Terraform state file: + ```tf + output "example_service_token_client_id" { + value = cloudflare_zero_trust_access_service_token.example_service_token.client_id + } + + output "example_service_token_client_secret" { + value = cloudflare_zero_trust_access_service_token.example_service_token.client_secret + sensitive = true + } + ``` + 2. Apply the configuration: + ```sh + terraform apply + ``` + 3. Read the Client ID and Client Secret: + ```sh + terraform output -raw example_service_token_client_id + ``` + ```sh + terraform output -raw example_service_token_client_secret + ``` +
+ +
+ ```tf + resource "vault_generic_secret" "example_service_token" { + path = "kv/cloudflare/example_service_token" + disable_read = true + + data_json = jsonencode({ + "CLIENT_ID" = cloudflare_access_service_token.example_service_token.client_id + "CLIENT_SECRET" = cloudflare_access_service_token.example_service_token.client_secret + }) } ``` -4. Apply the configuration: - ```sh - terraform apply - ``` +
-5. Read the Client ID and Client Secret: - ```sh - terraform output -raw example_service_token_client_id - ``` - ```sh - terraform output -raw example_service_token_client_secret - ``` From e2546bf75ce5557165f6ab688c5c545d6454fb7c Mon Sep 17 00:00:00 2001 From: Ranbel Sun Date: Mon, 25 Nov 2024 17:37:46 -0500 Subject: [PATCH 2/2] tweak wording --- .../partials/cloudflare-one/access/create-service-token.mdx | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/content/partials/cloudflare-one/access/create-service-token.mdx b/src/content/partials/cloudflare-one/access/create-service-token.mdx index 2d639350c17ba1..9f38fcddd00aa3 100644 --- a/src/content/partials/cloudflare-one/access/create-service-token.mdx +++ b/src/content/partials/cloudflare-one/access/create-service-token.mdx @@ -42,7 +42,7 @@ import { Tabs, TabItem, Details } from '~/components'; } ``` -3. To output the Client ID and Client Secret of the service token: +3. Get the Client ID and Client Secret of the service token:
1. Output the Client ID and Client Secret to the Terraform state file: @@ -69,7 +69,7 @@ import { Tabs, TabItem, Details } from '~/components'; ```
-
+
```tf resource "vault_generic_secret" "example_service_token" { path = "kv/cloudflare/example_service_token"