Decoding access token fails intermittently
Closed this issue · 2 comments
terraform-ibm-watsonx-saas-da/main.tf
Line 56 in db51d5c
Terraform's base64decode function is sensitive to base64 padding and the JWT token does not have one.
When the token part has certain length that would require the padding (trailing ==
) in the encoded value, base64decode throws an error and plan/apply fails.
Apparently parsing the token for an account ID is not a good idea.
I think it would be better to fetch the necessary attributes in the configure_project module that should construct the URL and return it. Account ID can be parsed from a CRN of a watson instance.
I ran into this while deploying the DA with a trusted profile. Apparently the JWT attributes of the trusted profile have exactly the length to need base64 padding.