Google Cloud Platform

@hashicorp

The googlecompute plugin can be used with HashiCorp Packer to create custom images on GCE.

Official
HCP Ready

Updated 2 years ago

GitHub
(opens in new tab)

Secrets Manager

The Secrets Manager data source provides information about a Secrets Manager secret version, including its value and metadata.

Note: Data sources is a feature exclusively available to HCL2 templates.

Basic examples of usage:

data "googlecompute-secretsmanager" "basic-example" {
  project_id = "debian-cloud"
  name       = "packer_test_secret"
  key        = "packer_test_key"
}

# usage example of the data source output
locals {
  value = data.googlecompute-secretsmanager.basic-example.value
  payload = data.googlecompute-secretsmanager.basic-example.payload
}

Reading key-value pairs from JSON back into a native Packer map can be accomplished with the jsondecode() function.

Configuration Reference

Required

project_id (string) - The Google Cloud project ID where the secret is stored.
name (string) - The name of the secret in the secret manager.

Optional

key (string) - The key to extract from the secret payload. If not provided, the entire payload will be returned.
version (string) - The version of the secret to access. Defaults to "latest" if not specified.

Output Data

payload (string) - The raw string payload of the secret version.
value (string) - The value extracted using the 'key', if provided.
checksum (int64) - The crc32c checksum for the payload.

Authentication

To authenticate with GCE, this data-source supports everything the plugin does. To get more information on this, refer to the plugin's description page, under the authentication section.