pkaramol

Reputation: 19422

Dumping Terraform output to a local file

I want to create a file (credentials.json) within a directory, say content, using Terraform.

The contents will be the output of a private service account key.

I am using the following code to create the service account and get its key to data:

resource "google_service_account" "my-account" {
  account_id = "${var.account_id}"
  project    = "${var.project_id}"
}

resource "google_service_account_key" "my-account" {
  service_account_id = "${google_service_account.my-account.name}"
}

data "google_service_account_key" "my-account" {
  name            = "${google_service_account_key.my-account.name}"
  public_key_type = "TYPE_X509_PEM_FILE"
}

How can I then dump it to a local file?

My use case is that I want to create the credentials.json to enable periodic backups of Jenkins to a Google Cloud Storage bucket.

Upvotes: 3

Views: 7565

Answers (2)

ydaetskcoR

Reputation: 56997

You can use the local_file resource to write data to disk in a Terraform run.

So you could do something like the following:

resource "google_service_account" "my-account" {
  account_id = "${var.account_id}"
  project    = "${var.project_id}"
}

resource "google_service_account_key" "my-account" {
  service_account_id = "${google_service_account.my-account.name}"
}

resource "local_file" "key" {
  filename = "/path/to/key/output"
  content  = "${base64decode(google_service_account_key.my-account.private_key)}"
}

Note that you should never need a data source to look at the outputs of a resource you are creating in that same Terraform command. In this case you can ditch the google_service_account_key data source because you have the resource available to you.

The benefit of data sources is when you need to look up some generated value of a resource either not created by Terraform or in a different state file.

Upvotes: 5

Blokje5

Reputation: 5023

Your best bet would be to create output for your service account:

output "google_service_account_key" {
  value = "${base64decode(data.google_service_account_key.my-account.private_key)}"
}

With the terraform output command you can then query specifically for the key, combined with jq (or another JSON parser) to find the correct output:

terraform output -json google_service_account_key | jq '.value[0]' > local_file.json

Upvotes: 2
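
A hardened variant of the two approaches above, as an added example that is not part of either answer: the key file is written with owner-only permissions and the output is marked sensitive. It assumes Terraform 0.12+ syntax and a hashicorp/local provider release that includes the local_sensitive_file resource; the content/credentials.json path is taken from the question.

```hcl
# Added example, not code from the question or the answers.
# Assumes Terraform 0.12+ and a hashicorp/local provider release that
# provides the local_sensitive_file resource.

variable "account_id" {}
variable "project_id" {}

resource "google_service_account" "my-account" {
  account_id = var.account_id
  project    = var.project_id
}

resource "google_service_account_key" "my-account" {
  service_account_id = google_service_account.my-account.name
}

# Weak form: a plain local_file without file_permission is created with the
# provider default mode "0777" (before umask), so on a shared build host other
# local users may be able to read the private key.
#
# resource "local_file" "key" {
#   filename = "${path.module}/content/credentials.json"
#   content  = base64decode(google_service_account_key.my-account.private_key)
# }

# Hardened form: the resource treats its content as sensitive, and the file
# and its parent directory are restricted to the owner.
resource "local_sensitive_file" "key" {
  filename             = "${path.module}/content/credentials.json"
  content              = base64decode(google_service_account_key.my-account.private_key)
  file_permission      = "0600"
  directory_permission = "0700"
}

# If the key is also exposed as an output, mark it sensitive so it is
# redacted in the plan/apply summary.
output "google_service_account_key" {
  value     = base64decode(google_service_account_key.my-account.private_key)
  sensitive = true
}

# Neither setting encrypts anything: the private key is still stored in
# plaintext in the Terraform state, so the state backend needs access
# controls at least as strict as those on credentials.json.
```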
