AI 助理
备案控制台
文档
输入文档关键字查找
首页 Terraform 资源列表 Container Service for Kubernetes (ACK) Data Sources alicloud_cs_cluster_credential

alicloud_cs_cluster_credential

更新时间:
我的收藏

This data source provides Container Service cluster credential on Alibaba Cloud.

-> NOTE: Available since v1.187.0

-> NOTE: This datasource can be used on all kinds of ACK clusters, including managed clusters, imported kubernetes clusters, serverless clusters and edge clusters. Please make sure that the target cluster is not in the failed state before using this datasource, since the api server of clusters in the failed state cannot be accessed.

Example Usage

# Declare the data source
data "alicloud_cs_managed_kubernetes_clusters" "k8s" {
  name_regex     = "my-cluster"
  enable_details = false
}

data "alicloud_cs_cluster_credential" "auth" {
  for_each                   = toset(data.alicloud_cs_managed_kubernetes_clusters.k8s.ids)
  cluster_id                 = each.key
  temporary_duration_minutes = 60
  output_file                = "my-auth-json"
}

Argument Reference

The following arguments are supported:

  • cluster_id - (Required) The id of target cluster.
  • temporary_duration_minutes - (Optional) Automatic expiration time of the returned credential. The valid value between 15 and 4320, in minutes. When this field is omitted, the expiration time will be determined by the system automatically and the result will be in the attributed field expiration.
  • output_file - (Optional) File name where to save the returned KubeConfig (after running terraform plan).

Attributes Reference

The following attributes are exported in addition to the arguments listed above:

  • cluster_id - The id of target cluster.
  • cluster_name - The name of target cluster.
  • kube_config - (Sensitive) The kube config to use to authenticate with the cluster.
  • certificate_authority - (Available in 1.105.0+) Nested attribute containing certificate authority data for your cluster.
    • cluster_cert - The base64 encoded cluster certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kube config file for your cluster.
    • client_cert - The base64 encoded client certificate data required to communicate with your cluster. Add this to the client-certificate-data section of the kube config file for your cluster.
    • client_key - The base64 encoded client key data required to communicate with your cluster. Add this to the client-key-data section of the kube config file for your cluster.
  • expiration - Expiration time of kube config. Format: UTC time in rfc3339.

上一篇:alicloud_ack_service下一篇:alicloud_cs_edge_kubernetes_clusters
文档推荐