Make user password expired - Githubissues

bpg / terraform-provider-proxmox

Terraform Provider for Proxmox

https://registry.terraform.io/providers/bpg/proxmox

Mozilla Public License 2.0

841 stars 138 forks source link

Make user password expired #1477

Closed Nordal closed 1 month ago

Nordal commented 2 months ago

I am creating users with the user_account resource like this:

user_account { keys = [trimspace(tls_private_key.ubuntu_vm_key.public_key_openssh)] password = xxx username = "xxx" }

Users will fill out a web form, and it will create the user and generate a random password. The password policy in my company requires the initial user password to be one-time.

It would be nice to have an option to set the password as expired, forcing the user to create a new password at first login.

I am sure this can be achieved with "real" cloud-init, but to keep things simple I am using the build in cloud-init support, with the limitations it has.

Thank you for doing a great work with this provider

BR Kasper

bpg commented 2 months ago

Hi @Nordal 👋🏼

I am sure this can be achieved with "real" cloud-init, but to keep things simple I am using the build in cloud-init support, with the limitations it has.

You're right in this part. Unfortunately, the provider is very limited in what it can do in the "standard" cloud-init. Basically, it can only configure parameters exposed via PVE APIs: Screenshot 2024-08-08 at 9 09 13 PM

For anything extra operators should provide "real" cloud-init configs via ouser / vendor / meta data files.