OAuth App support for VMC provider

Question

OAuth App support for VMC provider

Nareshcbit opened this issue 2 years ago · 6 comments

Is your feature request related to a problem? Please describe.

VMWare on AWS supports two types of tokens for accessing API
API Token : Associated with a user id
OAuth App: Not associated with a user id
Reference: https://vmc.techzone.vmware.com/resource/tech-reference-vmware-cloud-intro-api#

However, the terraform documentation(https://registry.terraform.io/providers/vmware/vmc/latest/docs) lists only API Token.
Some organizations don't allow using user api keys as per their security guidelines.

Describe the solution you'd like

VMC provider support OAuth App (server to server).
It would be a great help for organizations that doesn't allow using user api keys as per their security guidelines.

Describe alternatives you've considered

This is blocking my customer to use terraform.

We are looking at Python to automate SDDC.

Additional context

No response

Answer 1 · 2022-12-07T14:51:19.000Z

I would like to add State Street's request for this. Their company policy is to use OAuth2 for authentication. To stick with company directive, they need to authenticate the VMC provider with OAuth2 not API Tokens.

Answer 2 · 2023-01-12T00:45:16.000Z

@Nareshcbit - could you send me your customer details at mulayp@vmware.com. This will help us prioritize the ask.
@carsonpadawon - acknowledged.

Answer 3 · 2023-01-25T14:58:19.000Z

I hope I can release a new version of the provider with the OAuth2.0 App (server-to-server) authentication within a month.

Answer 4 · 2023-02-22T16:32:35.000Z

Some security fixes must be merged and the next version of the provider featuring OAuth2.0 App support will be released.

Answer 5 · 2023-02-23T14:43:21.000Z

Version 1.13 is out featuring support for OAuth App authentication:
https://github.com/vmware/terraform-provider-vmc/releases/tag/v1.13