diff --git a/website/docs/guides/binding-services.html.md b/website/docs/guides/binding-services.html.md new file mode 100644 index 0000000000..0ffb16fdb9 --- /dev/null +++ b/website/docs/guides/binding-services.html.md @@ -0,0 +1,51 @@ +--- +subcategory: "" +layout: "ibm" +page_title: "Binding a Service to a Cluster" +description: |- + Bind an IBM Cloud service to an IBM Cloud Kubernetes Service cluster. +--- + +# Binding a Service to a Cluster + +Bind an IBM Cloud service to an IBM Cloud Kubernetes Service cluster. Service binding is a quick way to create service credentials for an IBM Cloud service by using its public service endpoint and storing these credentials in a Kubernetes secret in your cluster. The Kubernetes secret is automatically encrypted in etcd to protect your data. + +To bind a service to your cluster, you need to: + +1. Create a resource key for the service +2. Use the target cluster's config as the `kubernetes` provider's configuration +3. Create a kubernetes secret, using the resource key's credentials + +## Example + +In the following example, we bind the `ibm_resource_instance.kms` service to `ibm_container_cluster.cluster`. + +```terraform +// create resource key +resource "ibm_resource_key" "kms_key" { + name = "kms_key" + resource_instance_id = ibm_resource_instance.kms.id +} + +// get cluster config by cluster ID +data "ibm_container_cluster_config" "cluster_config" { + cluster_name_id = ibm_container_cluster.cluster.id +} + +// use kubernetes provider configuration from cluster +provider "kubernetes" { + host = data.ibm_container_cluster_config.cluster_config.host + token = data.ibm_container_cluster_config.cluster_config.token + cluster_ca_certificate = data.ibm_container_cluster_config.cluster_config.ca_certificate +} + +// create kubernetes secret from resource key's credentials +resource "kubernetes_secret_v1" "kms_secret" { + metadata { + name = "kms-secret" + namespace = "default" + } + + data = ibm_resource_key.kms_key.credentials +} +``` diff --git a/website/docs/r/container_bind_service.html.markdown b/website/docs/r/container_bind_service.html.markdown index 51d92c19b4..5687dc314b 100644 --- a/website/docs/r/container_bind_service.html.markdown +++ b/website/docs/r/container_bind_service.html.markdown @@ -8,6 +8,10 @@ description: |- --- # ibm_container_bind_service + +> [!CAUTION] +> This resource will be deprecated, please check [this guide](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/guides/binding-services) on how to bind services. + Bind an IBM Cloud service to an IBM Cloud Kubernetes Service cluster. Service binding is a quick way to create service credentials for an IBM Cloud service by using its public service endpoint and storing these credentials in a Kubernetes secret in your cluster. The Kubernetes secret is automatically encrypted in etcd to protect your data. To bind a service to your cluster, you must provision an instance of the service first. For more information, about service binding, see [Adding services by using IBM Cloud service binding](https://cloud.ibm.com/docs/containers?topic=containers-service-binding).