I need to create resources in Boundary using Terraform. I’ve been using the Boundary provider in Terraform and, up to this point, have used admin password and token for authentication. However, I understand that these tokens have a lifespan of only 7 days, which isn’t ideal for my needs.
I’m exploring more permanent solutions for authenticating the Boundary provider with Terraform. I’m looking for a method that is both secure and sustainable over a longer period.
We’ve begun preliminary work on “app tokens” which should solve this problem holistically including the ability to set a future expiration time of up to three yrs. With that said, there isn’t a release date for the feature at this point and it will be quite some time before it’s ready.
In the meantime, your current use of password auth for the TF provider is the best path forward. Each time the provider connects, it will get a new auth token for the TF run.
I checked roles for this admin account and it has full access. It will work if I supply the outputted token from the CLI when logging in as admin user and password as below.