Add mTLS support
Closed this issue · 0 comments
caffalaughrey commented
Summary
It would be a highly beneficial enhancement to allow secure communication with Temporal clusters via mTLS authentication.
Proposed Changes
New tls Provider Block
Introduce a new tls block to the temporal provider configuration.
TLS Configuration Parameters
cert_file: Path to the client certificate file.
key_file: Path to the client private key file.
ca_certs: Path to the CA certificates file.
server_name: Server name to match against the server certificate.
Example Usage
provider "temporal" {
  host = "127.0.0.1"
  port = "7233"

  # Add certs for mTLS auth.
  tls {
    cert_file   = sensitive(file("path/to/cert.pem"))
    key_file    = sensitive(file("path/to/key.pem"))
    ca_certs    = sensitive(file("path/to/cacerts.pem"))
    server_name = "server-name"
  }
}
Expected Impact
Enables provider for use with secured clusters.