authentication using service account and apigeex support?

[ma198307]

Does this provider support ApigeeX and authentication using service account? From doc it seems currently it doesn't, is it correct? Also SAML support is not there in ApigeeX for auth.

[scastria]

Kind of. Apigee X has a slightly different set of REST API so the provider must handle the differences. I don’t have access to Apigee X so I can’t test against it. You can always try it and report any bugs you find.

Regarding service accounts, I just approved some PRs that add Service account support to proxies and shared flows but i don’t know much about it. The docs have been updated for proxies and shared flows regarding service accounts

[arnaduga]

Hello

I tried to create a KVM (empty at first) using the token given by the command "gcloud auth login" (with an admin account)

The terraform plan seems to be happy but when terraform apply, I got an http/401 Unauthorized message.

Once being said, I've read that Apigee X KVM keys cannot be set via console or API, but just KVM policies... So, it makes sense a Terraform provider (based on API) won't be able to do it...

I also tried the same token but for a Target Server creation. Same error : http/401

[gavinbd]

provider "apigee" {
  access_token = var.access_token
  organization = var.organization
  server       = "apigee.googleapis.com"
}

terraform plan --var="access_token=$(shell gcloud auth print-access-token)"

This is how i am managing deployments

[arnaduga]

Thanks for sharing!

However, the KVM won't be able to be created/populated with this, as there is no more API for KVM :/

It seems the Apigee recommendation is to use a API proxy to be deployed.

[arnaduga]

Well ... It seems Apigee X has a API for kvm admin (in release of June 2nd): API Doc here