[Bug] Multiple Authorization headers sent in some cases #1393
Description
Describe the bug
Multiple Authorization headers sent when Kibana or Fleet is configured with a differing authoriation mechanism than Elasticsearch.
To Reproduce
Steps to reproduce the behavior:
- Configure provider to use Elasticsearch with apikey and Kibana with basic auth
provider "elasticstack" {
elasticsearch {
endpoints = ["https://<redacted-es-endpoint>:9200"]
api_key = var.elasticsearch_api_key
}
kibana {
endpoints = ["https://<redacted-kibana-endpoint>"]
username = "elastic"
password = "<redacted>"
}
}-
Apply plan to create or modify a resource with debug logs eg (
TF_LOG=debug terraform apply) -
Verify in logs multiple Authorization headers are sent in requests to Kibana
Note that if username / password are excluded from the kibana block only a single Authorization is sent.
Expected behavior
A single authorization header is sent regardless of authorization configuration. This aligns with RFC 7230. This is reported to have caused 400 responses when Elasticsearch is behind some proxies.
Debug output
2025-10-21T16:57:42.860+0200 [DEBUG] provider.terraform-provider-elasticstack_v0.12.0: Fleet API Request Details:
---[ REQUEST ]---------------------------------------
POST /api/fleet/outputs HTTP/1.1
Host: <redacted>
User-Agent: Go-http-client/1.1
Content-Length: 4611
Authorization: ***************************************************
Authorization: ********************************************************************
Content-Type: application/json
Kbn-Xsrf: true
Accept-Encoding: gzip
{
"config_yaml": "{}\n",
"hosts": [
"logstash:5444"
],
"id": "",
"is_default": false,
"is_default_monitoring": false,
"name": "Logstash test",
"ssl": {
"certificate": "-----BEGIN CERTIFICATE-----\nMII(...)=\n-----END CERTIFICATE-----\n",
"certificate_authorities": [
"-----BEGIN CERTIFICATE-----\nMII(...)=\n-----END CERTIFICATE-----\n"
],
"key": "-----BEGIN PRIVATE KEY-----\nMII(...)=\n-----END PRIVATE KEY-----\n"
},
"type": "logstash"
}
Versions (please complete the following information):
- OS: Macos
- Terraform Version: v1.9.3
- Provider version v0.12.1
- Elasticsearch Version 9.1.5
Additional context
Add any other context about the problem here. Links to specific affected code files and paths here are also extremely useful (if known).
Sample TF Config to Reproduce:
provider "elasticstack" {
elasticsearch {
endpoints = ["$var.es_https_endpoint}"]
api_key = "xxxxxxxxxx=="
}
kibana {
endpoints = ["${var.kibana_https_endpoint}"]
username = "elastic"
password = "<redacted>"
}
}
resource "elasticstack_fleet_output" "logstash" {
name = "Logstash"
type = "logstash"
default_integrations = false
default_monitoring = false
hosts = [
"foo.example.com:5444"
]
}