In the main.tf replace
<TERRAFORM CLOUD ORGANIZATION NAME>
in theterraform.cloud
block with your Terraform Cloud Organization Name and<TERRAFORM CLOUD ORGANIZATION's WORKSPACE NAME>
in theterraform.cloud.workspaces
block with your Terraform Cloud Organization's Workspaces Name.
A Terraform module that handles the creation creation and rotation of Confluent Cloud Resource API Key. The rotation of keys is based on the number of days since creation and you can retain a configurable number of API Key per Service Account.
The module triggers the creation and rotation of the Confluent Cloud Resource API Key based on the following input variable(s):
confluent_cloud_api_key
specifies the Confluent Cloud API Key (also referred as Cloud API ID)confluent_cloud_api_secret
specifies the Confluent Cloud API Secretday_count
specifies how many day(s) should the API Key be rotated fornumber_of_api_keys_to_retain
specifies the number of API Keys to retainkey_display_name
specifies the name of the human-readable name for the API Keyowner
specifies the API Key Owner. Refer to Confluent API Key Docs for more inforesource
specifies the API Key Resource associated with it. Refer to Confluent API Key Docs for more details
The module exposes the following output variables:
active_api_key
specifies the current active API Key to be used for new logins. Refer to confluent/confluent_api_key for the expected structureall_api_keys
specifies all API Keys sorted by creation date. With the current active API Key being the 1st in the collection
Due to the limitation of Terraform and Time Based rotation. You must execute the module regularly, on a frequency that is equal to or less than the configured number of days to rotate. If you do not, then you can run the risk of rotating out/deleting multiple API Keys on the next run. This can get to the extent that all your current API Keys are removed on a single run. This will prevent any current running process, that is currently using the older API Keys, from continuing to be able to log in and operate against your Confluent Cloud Resources.