I set up a federated identity on openstack and i can connect my Ldap users on horizon and with CLI with openidc. in my adminrc file for federated users, i use specific parameters:
- OS_AUTH_TYPE=v3oidcpassword
- OS_IDENTITY_PROVIDER=idp
- OS_PROTOCOL="mapped"
- export OS_DISCOVERY_ENDPOINT
- export OS_CLIENT_SECRET
- export OS_CLIENT_ID
I want that my federated users could use terraform to create their infrastructure. Are there attributes that matchs those on terraform ? Thank you
Terraform with CLI federation is not implemented, A workaround for this is to:
Authenticate using CLI.
Create a token openstack token issue
The output is similar to this:
"id": "T7C50ZjutCxhwqbQUw9gYeOobm7Vesluzaj7hZ2mQUhZ4y_YX5ytQkSUf6RMzJThO3TafSjUT0KVmKj9HYJOV",
"expires": "2019-08-29T14:19:59+0000",
"project_id": "04752a122bdd4c95ad4a84c7dba70f51",
"user_id": "87508f29403541cbafd12c0764cd81b6"
In the terraform provider:
provider "openstack" { tenant_id = "04752a122bdd4c95ad4a84c7dba70f51" cacert_file = "/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem" auth_url = "https://horizon:5000/v3" token = "T7C50ZjutCxhwqbQUw9gYeOobm7Vesluzaj7hZ2mQUhZ4y_YX5ytQkSUf6RMzJThO3TafSjUT0KVmKj9HYJOV" }
This will work