morning - anyone used pulumi_onepassword provider...
# pythonb
blue-spoon-32355
01/15/2025, 11:01 PMmorning - anyone used pulumi_onepassword provider.
It is giving me the run around on passing credentials to it. the documentation is lacking and LLMs including pulumi's arent getting it right
m
modern-zebra-45309
01/16/2025, 8:41 AMCan you show a minimal code example that illustrates your problem?
b
blue-spoon-32355
01/16/2025, 10:02 PM Copy code
import pulumi
import pulumi_aws as aws
import pulumi_onepassword as onepassword
# 1. Configure the 1Password Provider
provider_args = pulumi.ProviderResourceArgs.create(
onepassword=onepassword.ProviderArgs(
service_account_token=pulumi.get_secret("op_service_account_token"),
)
)
# 2. Fetch the Secret from 1Password
my_secret = onepassword.get_item(
"my_secret",
args=onepassword.GetItemArgs(
vault="my_vault",
uuid="my_secret_uuid", # Replace with the actual UUID of your 1Password secret
),
opts=pulumi.ResourceOptions(providers={"onepassword": provider_args}),
)
# 3. Use the Secret to Create an AWS Resource
# Example: Create an AWS IAM User with a programmatically generated password
iam_user = aws.iam.User("my_user")
iam_user_login_profile = aws.iam.UserLoginProfile(
"my_user_login_profile",
user=iam_user.name,
password=my_secret.fields["password"].apply(lambda secret: secret),
)
# 4. Output the IAM User's ARN
pulumi.export("iam_user_arn", iam_user.arn)blue-spoon-32355
01/16/2025, 10:03 PMthis was generated from good ol gemini but it has lots of mistakes
m
modern-zebra-45309
01/17/2025, 10:52 AMYes, that's not correct, I don't think it even instantiates a provider. Have a look at https://www.pulumi.com/registry/packages/onepassword/api-docs/provider/ and https://www.pulumi.com/registry/packages/onepassword/installation-configuration/.
modern-zebra-45309
01/17/2025, 10:55 AMI suggest you start by providing the token as an environment variable
OP_SERVICE_ACCOUNT_TOKEN