-
Notifications
You must be signed in to change notification settings - Fork 538
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support https endpoint #609
Comments
I am curious. May I know how you get the endpoint url? How do you know it is http, not https? When I enable debug ( |
I did Wireshark inspections to see the requests designated to AliCloud endpoints and found that they are http based. I would be a nice feature in terraform to include request logs if TF_LOG debug applied. |
Wow that's scary! I tried to fix this in a PR here: #613. Does this fix the https issues you saw? |
HI @ninja-at-work Currently, all of services have supported https and please update to release 1.27.0. |
It looks like OTS is still using HTTP fd70bf9. Maybe we should update the docs with a warning that using OTS resources is insecure? |
Hi @chanind I am sorry. I am working on resolving ots supports https and it will support in the next version. |
Ok thanks for your hard work @xiaozhu36! |
Hello,
Please add support for
https
connection in provider configuration. Currently, all requests to AliCloud API are sent via HTTP protocol which is not secure and contains sensitive data like access key.Example:
This issue is very urgent from a security perspective.
Thanks,
The text was updated successfully, but these errors were encountered: