Closed rwl50 closed 9 months ago
Hi,
Thanks for reporting. Added to the backlog and internal tracking ID for this request is: INFRAANO-1324.
Hi @rwl50, yes we moved to token based authentication for terraform operation from above v1.16.0 versions.
if you are able to authenticate your BIG-IP using token based autherntication ( by default we are using loginReference tmos
) we should not run into any issue.
please confirm you are generate token?
Environment
Summary
This is not a bug per se, but rather an issue with updating the documentation on https://registry.terraform.io/providers/F5Networks/bigip/latest/docs. The issue is that token_auth default value has been changed from false to true in commit https://github.com/F5Networks/terraform-provider-bigip/pull/725/commits/e47ef7fde1d96fbfbe635fd4479bfe585112f8aa
This causes any previous provider configuration that is missing the explicit token_auth = false to fail with a 401 unauthorized when running terraform plan
Steps To Reproduce
Steps to reproduce the behavior:
try creating any resource with the following provider configuration (which used to work in version 1.16.0):
provider "bigip" { alias = "bigipX"
address = var.bigip_provider.addresses.bigip username = data.vault_generic_secret.bigip_credentials.data[var.bigip_provider.credentials.username_key] password = data.vault_generic_secret.bigip_credentials.data[var.bigip_provider.credentials.password_key] }
It will produce a 401 unauthorized error.
If you add the token_auth = false to the provider configuration it works again:
provider "bigip" { alias = "bigipX"
address = var.bigip_provider.addresses.bigip username = data.vault_generic_secret.bigip_credentials.data[var.bigip_provider.credentials.username_key] password = data.vault_generic_secret.bigip_credentials.data[var.bigip_provider.credentials.password_key] token_auth = false }
Expected Behavior
I believe the behavior as expected according to the documentation should be that token_auth = false by default and only explicitly setting it to true should activate this functionality
Actual Behavior
The provider code has this set to true by default and when connecting to bigip it throws a 401 unauthorized error even though the user&pass actually work.
Best regards, Raoul