You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As a user, I want to use the Terraform Infra provider to authenticate with a Kubernetes cluster, given the cluster is registered with Infra server.
The registration process requires deploying an Infra connector to the cluster which requires access to the cluster. This limits the usefulness of Infra as a Terraform Kubernetes credential provider since it requires a two step process. This would be useful for distributed configurations where an admin installs the connector and gives individual users/groups access. Those non-admins, not having the root cluster credentials, can then use Infra to access the cluster.
Currently, credentials are created with an immutable lifetime of 5 minutes. While this is sufficient for something like kubectl where each request can potentially request a new set of credentials, Terraform will create the credential once when the Terraform configuration is applied. With a sufficiently large Terraform plan, the credential may expire partway through the plan.
As a user, I want to use the Terraform Infra provider to authenticate with a Kubernetes cluster, given the cluster is registered with Infra server.
The registration process requires deploying an Infra connector to the cluster which requires access to the cluster. This limits the usefulness of Infra as a Terraform Kubernetes credential provider since it requires a two step process. This would be useful for distributed configurations where an admin installs the connector and gives individual users/groups access. Those non-admins, not having the root cluster credentials, can then use Infra to access the cluster.
Currently, credentials are created with an immutable lifetime of 5 minutes. While this is sufficient for something like
kubectlwhere each request can potentially request a new set of credentials, Terraform will create the credential once when the Terraform configuration is applied. With a sufficiently large Terraform plan, the credential may expire partway through the plan.Relates to #16
The text was updated successfully, but these errors were encountered: