ndavidson-pulse
commented
5 years ago Hi lewissw - we don't support credentials files but there is a simple work around.
If you're initializing your provider with hard-coded credentials then you can just switch them to using a variable, for example:
provider "vtm" {
base_url = "https://${var.vtm_rest_ip}:${var.vtm_rest_port}/api"
username = "${var.vtm_username}"
password = "${var.vtm_password}"
version = "~> 6.0.0"
}You can then pass an extra vars file with just the username and password, for example:
$ terraform <apply|plan> -var-file=<secrets.tfvars>
This will still use any variables you have specified in variables.tfvars so you can keep your deployment parameters and your secrets completely separate and protect your secrets with file system permissions.
Hope that helps!
Regards,
Nick
We have a number of people who will use the VTM provider to control VTM resouces. Each user has their own separate user/pw on the VTM, What's the best method for individuals to hold their creds, so they don't have to type in each time?
Do you support s credential file like AWS provider? e.g. provider "aws" { region = "us-west-2" shared_credentials_file = "/Users/tf_user/.aws/creds" profile = "customprofile" }
BTW, with AWS if shared_credentials_file is not specified the cred are retreived from .aws/credentials under the users home directory.
thanks
Steve