0e9b97a513
* feat(access-token): add ephemeral access-token resource Signed-off-by: Mauritz Uphoff <mauritz.uphoff@stackit.cloud>
3.3 KiB
| page_title | subcategory | description |
|---|---|---|
| stackit_access_token Ephemeral Resource - stackit | Ephemeral resource that generates a short-lived STACKIT access token (JWT) using a service account key. A new token is generated each time the resource is evaluated, and it remains consistent for the duration of a Terraform operation. If a private key is not explicitly provided, the provider attempts to extract it from the service account key instead. Access tokens generated from service account keys expire after 60 minutes. ~> Service account key credentials must be configured either in the STACKIT provider configuration or via environment variables (see example below). If any other authentication method is configured, this ephemeral resource will fail with an error. ~> This ephemeral-resource is in beta and may be subject to breaking changes in the future. Use with caution. See our guide https://registry.terraform.io/providers/stackitcloud/stackit/latest/docs/guides/opting_into_beta_resources for how to opt-in to use beta resources. |
stackit_access_token (Ephemeral Resource)
Ephemeral resource that generates a short-lived STACKIT access token (JWT) using a service account key. A new token is generated each time the resource is evaluated, and it remains consistent for the duration of a Terraform operation. If a private key is not explicitly provided, the provider attempts to extract it from the service account key instead. Access tokens generated from service account keys expire after 60 minutes.
~> Service account key credentials must be configured either in the STACKIT provider configuration or via environment variables (see example below). If any other authentication method is configured, this ephemeral resource will fail with an error.
~> This ephemeral-resource is in beta and may be subject to breaking changes in the future. Use with caution. See our guide for how to opt-in to use beta resources.
Example Usage
provider "stackit" {
default_region = "eu01"
service_account_key_path = "/path/to/sa_key.json"
enable_beta_resources = true
}
ephemeral "stackit_access_token" "example" {}
locals {
stackit_api_base_url = "https://iaas.api.stackit.cloud"
public_ip_path = "/v2/projects/${var.project_id}/regions/${var.region}/public-ips"
public_ip_payload = {
labels = {
key = "value"
}
}
}
# Docs: https://registry.terraform.io/providers/Mastercard/restapi/latest
provider "restapi" {
uri = local.stackit_api_base_url
write_returns_object = true
headers = {
Authorization = "Bearer ${ephemeral.stackit_access_token.example.access_token}"
Content-Type = "application/json"
}
create_method = "POST"
update_method = "PATCH"
destroy_method = "DELETE"
}
resource "restapi_object" "public_ip_restapi" {
path = local.public_ip_path
data = jsonencode(local.public_ip_payload)
id_attribute = "id"
read_method = "GET"
create_method = "POST"
update_method = "PATCH"
destroy_method = "DELETE"
}
Schema
Read-Only
access_token(String, Sensitive) JWT access token for STACKIT API authentication.