Open pyranja opened 1 year ago
I think that's a duplicate of #364 actually.
@pyranja I think you close the issue too soon. I am facing the same issue and you were right on you supposition : here in the fleet client code we can see that the Authorization header is prefixed by the Bearer keyword instead of ApiKey https://github.com/elastic/terraform-provider-elasticstack/blob/main/internal/clients/fleet/client.go#L102
FWIW the correct link for the Kibana API is here. It's lacking some detail on how to use API key auth though. The conclusion is however still correct, i.e we need to use the ApiKey
prefix, rather than Bearer
.
The docs linked to in the original issue are for the ESS (Cloud) API which currently uses a different API key to Kibana/Elasticsearch.
solved by #576
Describe the bug
I'm trying to use the
elasticstack_fleet_enrollment_tokens
data source, when using an api key for authentication. Performing aterraform plan
fails with a401 Unauthorized
status.To Reproduce Steps to reproduce the behavior:
Expected behavior Can use an apikey to authenticate with fleet.
Debug output Run
terraform
command withTF_LOG=trace
and provide extended information on TF operations.Additional context I verified that the apikey works when contacting the api directly. After checking the provider implementation, I suspect that the provider sends authorization headers with the
Bearer
prefix. Apikeys are expected to use theApikey
prefix though - https://www.elastic.co/guide/en/cloud/current/ec-api-authentication.html