search

RedisLabs / terraform-provider-rediscloud

Terraform Redis Cloud Provider: Deploy, update, and manage Redis Cloud databases as code through HashiCorp Terraform
https://registry.terraform.io/providers/RedisLabs/rediscloud/latest
Apache License 2.0
30 stars 22 forks source link

Authentication just stopped working #418

Closed tomer-ds closed 1 year ago

tomer-ds commented 1 year ago

Hi there,

Thank you for opening an issue. Please note that we try to keep the Terraform issue tracker reserved for bug reports and feature requests. For general usage questions, please see: https://www.terraform.io/community.html.

Terraform Version

Run terraform -v to show the version. If you are not running the latest version of Terraform, please upgrade because your issue may have already been fixed.

Terraform v1.5.0
on windows_amd64
+ provider registry.terraform.io/hashicorp/aws v5.9.0
+ provider registry.terraform.io/hashicorp/random v3.5.1
+ provider registry.terraform.io/redislabs/rediscloud v1.3.1

Affected Resource(s)

Please list the resources as a list, for example:

If this issue appears to affect multiple resources, it may be an issue with Terraform's core, so please mention this.

I am creating multiple instances of this data source, but always the same one

Terraform Configuration Files

Both environment variables are set for authentication. Both were successfully tested using swagger API calls:

$env:REDISCLOUD_ACCESS_KEY = "OBFUSCATED"
$env:REDISCLOUD_SECRET_KEY = "OBFUSCATED
variable "user_list" {
  description = <<DOC
A list of maps defining users to create. 
Each map must contain the following keys:
- name: The name of the user to create
- password: The password for the user
- role: The name of the ACL Role to create. 
  - This will also define the matching ACL Rule to assign to the role. Eventually this will be changed for more flexibility

The name of the ACL rule to assign to the user
This can be any of the rules, default or custom, that can be found here: 
https://app.redislabs.com/#/data-access-control/redis-acls
DOC
  type        = list(map(string))
  default = [
    {
      name     = "admin"
      password = "admin"
      role     = "Full-Access"
    },
    {
      name     = "writer"
      password = "writer"
      role     = "Read-Write"
    },
    {
      name     = "reader"
      password = "reader"
      role     = "Read-Only"
    }
  ]
}

terraform {
  required_version = "~>1.5.0"
  required_providers {
    rediscloud = {
      source  = "RedisLabs/rediscloud"
      version = "1.3.1"
    }
  }
}

data "rediscloud_acl_rule" "selected" {
  for_each = { for user in var.user_list : user.name => user }
  name     = each.value.role
}

resource "rediscloud_acl_user" "user" {
  for_each = { for user in var.user_list : user.name => user }
  name     = each.key
  role     = rediscloud_acl_role.role[each.key].name
  password = each.value.password
}

resource "rediscloud_acl_role" "role" {
  for_each = { for user in var.user_list : user.name => user }
  name     = each.key
  rule {
    name = data.rediscloud_acl_rule.selected[each.key].name
    dynamic "database" {
      for_each = var.databases != null ? var.databases : {}

      content {
        subscription = var.existing_subscription_name != null ? data.rediscloud_subscription.subscription[0].id : rediscloud_subscription.subscription[0].id
        database     = rediscloud_subscription_database.database[database.key].id
      }
    }
  }
}

Debug Output

Please provider a link to a GitHub Gist containing the complete debug output: https://www.terraform.io/docs/internals/debugging.html. Please do NOT paste the debug output in the issue; just paste a link to the Gist.

Expected Behavior

Rules will be querried from RedisCloud and returned by the data source successfully

Actual Behavior

401 Authentication error

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

  1. terraform init
  2. terraform plan
tomer-ds commented 1 year ago

I can only imagine that it is something I might be doing with the authentication... I am getting the same error when attempting to create a cloud account resource.

This happens after attempting to apply terraform apply --auto-approve

╷
│ Error: failed to cloud account: 401 - "Authentication error: Authentication failed for provided credentials"
│
│   with module.redis["poc"].rediscloud_cloud_account.account,
│   on ..\..\main.tf line 55, in resource "rediscloud_cloud_account" "account":
│   55: resource "rediscloud_cloud_account" "account" { #! open for testing
│
╵
tomer-ds commented 1 year ago

Ok... so it owuld seem that the user that I created for this task need to have the account verified by clicking the link on the email sent on user creation. I have done this and am now getting other errors... so I guess this case is closed and I will attempt to fix the new errors...

Thanks anyway