Add login-method OIDC to provider #77

Open
DaniRieker opened this issue Nov 10, 2023 · 1 comment

@DaniRieker

We use OIDC for login to the web UI as well as for the CLI. We would like to use the same login method when running Terraform locally. Currently, we need to configure an additional id/key-based auth method for each engineer and make sure the permissions match.

Would it be possible to add the oidc login method to the provider and configure it like this:

```hcl
provider "akeyless" {
  api_gateway_address = "https://api.akeyless.io"

  oidc_login {
    access_id  = "" // get it also from ENV variable AKEYLESS_AUTH_OIDC_ACCESS_ID
    oidc_token = "" // get it also from ENV variable AKEYLESS_AUTH_OIDC_TOKEN
  }
}
```

I have two ideas in mind for the actual implementation of the authentication:

  1. Use the cached credential from the CLI for the same access_id
  2. Add a second parameter to the oidc_login schema "oidc_token" where the token can be added

@chestnutprog

+1. BTW, I think it would be more convenient if the provider could read the login state from ~/.akeyless generated by akeyless auth
