Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.
to have password less authentication with WinRM just like ssh private_key.
this also solves the issue where if someone change user's password, which on Windows OS is quite normal, having certificate based authentication can still allow terraform to manage resources via WinRM.
Attempted Solutions
Nothing comes in mind to use passwordless auth for WinRM via terraform.
one way to solve is to install openssh service on Windows OS and use normal SSH connection instead of WinRM.
Proposal
if certificate based auth is allowed via connection block for WinRM , it might looks like below
Reading from existing provisioner docs , WinRM only work with user and password type authentication.
it would be nice if terraform can allow authenticating using client certificate based auth which winrm supports. this link is just for reference from Microsoft (https://docs.microsoft.com/en-us/windows/win32/winrm/authentication-for-remote-connections#client-certificate-based-authentication)
Current Terraform Version
Use-cases
to have password less authentication with WinRM just like ssh private_key.
this also solves the issue where if someone change user's password, which on Windows OS is quite normal, having certificate based authentication can still allow terraform to manage resources via WinRM.
Attempted Solutions
Nothing comes in mind to use passwordless auth for WinRM via terraform.
one way to solve is to install openssh service on Windows OS and use normal SSH connection instead of WinRM.
Proposal
if certificate based auth is allowed via connection block for WinRM , it might looks like below
my goal is password less auth so skipping
cert_password
attr, but that can be included for completeness, aspfx
certs can be password protected.References
https://cloudbase.it/windows-without-passwords-in-openstack/
not related to terraform or solution, but above link has quick setup on how to setup WinRM for cert based auth and how to use that from linux system.