Closed sherifkayad closed 1 year ago
There is no such option and that would require user to set ignore_changes to passwords. That's not impossible, but it complicates whole terraform usage, so I wouldn't recommend using that.
I prefer auth_pam / auth_pam_compat from Percona. Those allow me to use an external authentication (like LDAP/AD), that may have its own policy.
@petoju thanks for the feedback. Can you please send me some examples to have a look at? .. I think I might consider either using the Azure AD or an OIDC provider we have on top of it to perform that
@sherifkayad here are installation instructions: https://www.percona.com/doc/percona-server/5.5/management/pam_plugin.html
For OIDC support, see https://www.percona.com/doc/percona-server/5.5/management/pam_plugin.html I didn't find more detailed public description.
Hi there,
just wanted to ask, is there a way to provision users whose password would expire after a certain period or at a given timestamp? .. The official docs of MySQL suggest that this could be possible on a user basis e.g. https://dev.mysql.com/doc/refman/5.7/en/password-management.html
In the
mysql_user
I couldn't find such an option. Am I missing something?