Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Provide the suggested way how to securely setup provider in the documentation. #115

Closed
volodymyrZotov opened this issue Dec 1, 2023 · 0 comments · Fixed by #121
Closed

Provide the suggested way how to securely setup provider in the documentation. #115

volodymyrZotov opened this issue Dec 1, 2023 · 0 comments · Fixed by #121
Assignees
@volodymyrZotov

Comments

@volodymyrZotov
Copy link
Collaborator

Currently, in the documentation we provide either this example to set up provider

// README.md
provider "onepassword" {
  url = "http://localhost:8080"
}

or this

// README in Terraform Registry (`templates/index.md.tmpl` file)
provider "onepassword" {
  URL                                 = "http://localhost:8080"
  token                               = "CONNECT_TOKEN"
  service_account_token = "SERVICE_ACCOUNT_TOKEN"
  op_cli_path                     = "OP_CLI_PATH"
}

Setting the sensitive values (tokens) directly in the terraform script is not secure, as it can be accidentally pushed and potentially leak the secrets. Therefore, the suggested and more secure way to set up the provider will be to use env variables OP_SERVICE_ACCOUNT_TOKEN to use service accounts and OP_CONNECT_TOKEN to use Connect.

We need to update the documentation to reflect this.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@volodymyrZotov volodymyrZotov

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Update documentation 1Password/terraform-provider-onepassword
1 participant
@volodymyrZotov