Terraform-provider-google: Add support for override the default endpoint URL and insecure option
Community Note
- Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
- Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
- If you are interested in working on this issue or have submitted a pull request, please leave a comment. If the issue is assigned to the "modular-magician" user, it is either in the process of being autogenerated, or is planned to be autogenerated soon. If the issue is assigned to a user, that user is claiming responsibility for the issue. If the issue is assigned to "hashibot", a community member has claimed the issue already.
Description
Allow to configure terraform to work with custom endpoint rather than www.googleapis.com/compute www.googleapis.com/storage and others.
Also, in case of selfsigned certificate on that endpoint, it would be great to provide an insecure option.
New or Affected Resource(s)
- None
Potential Terraform Configuration
Allow overriding the default endpoint URL. this option should allow connection to custom GCE endpoints
The insecure option should allow the provider to perform "insecure" SSL requests. If omitted, default value should be false.
# Propose what you think the configuration to take advantage of this feature should look like.
# We may not use it verbatim, but it's helpful in understanding your intent.
References
- #0000
eranco74
All 11 comments
How much "insecure"?.. Any background for the request?
Chupaka
on 30 Jan 2019
Hey @eran-stratoscale! As @Chupaka asked, it isn't clear which requests should be insecure or why based on this issue. Do you mind elaborating more, and sharing what kind of use case this opens up for you?
rileykarson
on 30 Jan 2019
Hey, I've updated the title and the description.
eranco74
on 30 Jan 2019
Thanks! If this is for https://www.terraform.io/docs/providers/google/r/endpoints_service.html, can you point out somewhere else the default endpoint URL / insecure option can be configured? For example, on the Cloud Console, gcloud, or through an API / language-specific client.
rileykarson
on 30 Jan 2019
Hey @rileykarson
This request is relevant for running terraform using the google provider on cloud providers that support the google cloud platform API.
In gcloud I can configure api endpoint overrides:
gcloud config set api_endpoint_overrides/compute http://localhost:8082/
This option is also supported in terraform aws provider:
https://github.com/terraform-providers/terraform-provider-aws/blob/master/aws/config.go#L159
In the aws provider there is also an option to configure the insecure flag:
https://github.com/terraform-providers/terraform-provider-aws/blob/master/aws/config.go#L179
eranco74
on 3 Feb 2019
@Chupaka @rileykarson does the requirement make sense? The goal is to configure terraform to work with custom endpoint rather than google.com/ auth2.google.com and others.
Also, in case of selfsigned certificate on that endpoint, it would be great to provide an insecure mode.
Similar to what aws provider supports
romfreiman
on 11 Feb 2019
The requirement makes sense, I'll follow through on what changes this would require. I'll probably post an update ~EOW.
rileykarson
on 11 Feb 2019
Alright, went through the changes with the team and confirmed this is something we want to do. That said, it's also something we'd like to cut over almost entirely in a single release, and there's some work to be done in Magic Modules to support this use case. None of us have cycles immediately, but this is absolutely an issue we're going to tackle for a future release.
If I don't find time within the next ~month I'll set aside time to work through this change.
rileykarson
on 15 Feb 2019
@rileykarson can we @ Stratoscale assist maybe?
romfreiman
on 17 Feb 2019
I'd rather do most of this in one swoop I think, it's just a matter of me getting enough time to accomplish that in a short enough time period to include it in a release window.
rileykarson
on 19 Feb 2019
I'm going to lock this issue because it has been closed for _30 days_ ⏳. This helps our maintainers find and focus on the active issues.
If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!
![hashibot[bot] picture](https://avatars2.githubusercontent.com/in/8332?v=4&s=40)
hashibot[bot]
on 14 Jul 2019
Related issues
jpza
·
42Comments
ryu1kn
·
32Comments
aeneasr
·
25Comments
vncntvandriessche
·
26Comments
hashibot
·
30Comments
Most helpful comment
Alright, went through the changes with the team and confirmed this is something we want to do. That said, it's also something we'd like to cut over almost entirely in a single release, and there's some work to be done in Magic Modules to support this use case. None of us have cycles immediately, but this is absolutely an issue we're going to tackle for a future release.
If I don't find time within the next ~month I'll set aside time to work through this change.