Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature: Add support for "Service Accounts" #545

Merged
merged 4 commits into from
Nov 17, 2024
Merged

Feature: Add support for "Service Accounts" #545

merged 4 commits into from
Nov 17, 2024
+246 −31

Conversation

MovieStoreGuy
Copy link
Collaborator

Context

Since actions that require "admin" are only applied to session tokens, it means that customers need a means of supplying an session token. This can result in a session token that is stored within a vault service or user input for that given CI run.

This is typically fine in most cases considering admins have a lot of power in the account, however, in the scenario that you want to provide a greater level of automation, supplying a session token becomes cumbersome.

Hence, the idea of a "service account" then allows that increased level of autonomy since a session token can be create on behalf of the service account in the provider.

A service account is purely a user that can authenticate via email/password (meaning it has to be manually added into the org, and can't use an SSO user). This removes the 30d restriction that is applied to session tokens, and any external management that would be needed to be done by the user prior.

Changes

  • Provider supports authentication by "service accounts"
  • Included documentation on what is meant by "service account"

Intended Release

v9.3.0

No breaking changes since this currently extends the current configuration and doesn't change the existing behaviour.

@MovieStoreGuy
Adding the ability for service accounts
028cea5 
To help improve how terraform can be run inside a CI/CD pipeline
without needed to take additional steps for Admin actions. This allows
inbuilt support for supplying username and password (service account) to
then apply the actions using those details.
@codecov Codecov
Copy link

codecov bot commented Nov 13, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 89.83051% with 6 lines in your changes missing coverage. Please review.

Project coverage is 94.87%. Comparing base (add0a00) to head (1d6df17).

Files with missing lines Patch % Lines
internal/definition/provider/provider.go 91.66% 2 Missing and 1 partial ⚠️
internal/providermeta/meta.go 86.95% 2 Missing and 1 partial ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #545      +/-   ##
==========================================
- Coverage   95.04%   94.87%   -0.18%     
==========================================
  Files          35       35              
  Lines        2059     2107      +48     
==========================================
+ Hits         1957     1999      +42     
- Misses         85       89       +4     
- Partials       17       19       +2

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@MovieStoreGuy MovieStoreGuy merged commit 94c91d4 into splunk-terraform:main Nov 17, 2024
8 checks passed
@github-actions github-actions bot locked and limited conversation to collaborators Nov 17, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@mattpatl mattpatl mattpatl left review comments

@atoulme atoulme atoulme approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@MovieStoreGuy @atoulme @mattpatl