petoju / terraform-provider-mysql

Terraform MySQL provider – unofficial fork
https://registry.terraform.io/providers/petoju/mysql
Mozilla Public License 2.0

Question | Is there a password expiration mechanism for provisioned users? #46

Closed sherifkayad closed 1 year ago

sherifkayad commented 1 year ago

Hi there,

Just wanted to ask, is there a way to provision users whose password would expire after a certain period or at a given timestamp? The official docs of MySQL suggest that this could be possible on a user basis, e.g. https://dev.mysql.com/doc/refman/5.7/en/password-management.html

In the mysql_user I couldn't find such an option. Am I missing something?

petoju commented 1 year ago

There is no such option and that would require the user to set ignore_changes to passwords. That's not impossible, but it complicates the whole Terraform usage, so I wouldn't recommend using that.

I prefer auth_pam / auth_pam_compat from Percona. Those allow me to use external authentication (like LDAP/AD), which may have its own policy.

sherifkayad commented 1 year ago

@petoju Thanks for the feedback. Can you please send me some examples to have a look at? I think I might consider using either Azure AD or an OIDC provider we have on top of it to perform that.

petoju commented 1 year ago

@sherifkayad here are installation instructions: https://www.percona.com/doc/percona-server/5.5/management/pam_plugin.html

For OIDC support, see https://www.percona.com/doc/percona-server/5.5/management/pam_plugin.html I didn't find a more detailed public description.