Skip to content

nimbolus/tf-openstack-oidc-auth

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
LICENSE
LICENSE
 
 
README.md
README.md
 
 
main.tf
main.tf
 
 
os-token.sh
os-token.sh
 
 
outputs.tf
outputs.tf
 
 
variables.tf
variables.tf
 
 

Repository files navigation

Terraform Module - OpenStack OIDC Auth

The OpenStack Terraform provider does not support authenticating against Keystone using the OIDC Access Token flow. To mitigate that, this module uses the OpenStack CLI to do the initial authentication and requesting a Keystone token which then can be used with the provider.

Requirements:

Example code:

data "vault_generic_secret" "openstack_access_token" {
  path = "identity/oidc/token/openstack-cloud-project"
}

module "openstack_oidc_auth" {
  source = "git::https://github.com/nimbolus/tf-openstack-oidc-auth.git?ref=v0.1.0"

  auth_url            = var.openstack_auth_url
  identity_provider   = "vault"
  project_domain_name = "demo"
  project_name        = "demo"
  access_token        = data.vault_generic_secret.openstack_access_token.data["token"]
}

provider "openstack" {
  auth_url  = var.openstack_auth_url
  region    = var.openstack_region
  tenant_id = module.openstack_oidc_auth.project_id
  token     = module.openstack_oidc_auth.token
}

About

Terraform module for authenticating against OpenStack using OIDC Access Token flow

Topics

terraform terraform-module

Resources

Readme

License

BSD-3-Clause license
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Languages