Feature Request: Resource required to enable TLS security protocol on MAAS

canonical / terraform-provider-maas

Terraform MAAS provider

Mozilla Public License 2.0

64 stars 45 forks source link

Feature Request: Resource required to enable TLS security protocol on MAAS #161

Closed vishvikkrishnan closed 8 months ago

vishvikkrishnan commented 8 months ago

It would be helpful to have a maas_tls resource to enable TLS communications for the MAAS API. Currently, this is achieved using the command:

sudo maas config-tls enable $key $cert --port YYYY

where $key, $cert, and YYYY are private key, TLS certificate, and the HTTPS port, respectively.

A model maas_tls resource could look like this:

resource "maas_tls" "tls_enable" {
  cert     = <tls-cert>
  key      = <private-key>
  port     = <https_port> # e.g. 5443
}

skatsaounis commented 8 months ago

Hi @vishvikkrishnan

I am afraid that this feature request cannot be implemented. The configuration of TLS is not made through the API. Instead, as it can be observe here this is implemented with a Django command. That means you can only run it from region controller.

troyanov commented 8 months ago

The API does not provide access to this configuration option simply because transmitting the private key over the network would compromise its security.