We try out the Confluent Terraform Provider. We want to create a simple setup consisting
- Service Accounts with corresponding permission scope
- Kafka Cluster within an existing Environment
- Several Kafka Topics
To do so, we define three scope levels
- Organization
- Environment
- Cluster
In the organization level, we create all SA since we need OrgAdmin/AccountAdmin role binding. On the environment one, all actions are executed by a SA having EnvironmentAdmin Role or CloudClusterAdmin, respectively.
- Have an account with OrgAdmin/Account Admin role binding and a Cloud API Key/Secret
We encrypted sensitive information (variables.tf) with Blackbox.
Initialize Terraform for that project (for each scope level):
terraform init
Then we always work with:
terraform plan
terraform apply
terraform destroy
To see output variables such as the API Key and Secret, we need to execute:
terraform output api_secret