Problem description
We have a use-case where we provision a SKE Cluster, and after the cluster is created perform additional configuration with the kuberntes and helm Terraform provider.
To get credentials we use the stackit_ske_kubeconfig resource, which works well, but this means that the generated kubeconfig will be stored in the state. We can mitigate the risks of this by setting a short expiration time.
Proposed solution
I think the semantics of the ephemeral resource type would fit very well for this. It could implement a solution similar to the downloadable Kubeconfigs with StackIT CLI integration, where in this case the provider would issue a credential similar to the stackit ske kubeconfig login when the ephemeral resource is opened.
Problem description
We have a use-case where we provision a SKE Cluster, and after the cluster is created perform additional configuration with the kuberntes and helm Terraform provider.
To get credentials we use the
stackit_ske_kubeconfigresource, which works well, but this means that the generated kubeconfig will be stored in the state. We can mitigate the risks of this by setting a short expiration time.Proposed solution
I think the semantics of the ephemeral resource type would fit very well for this. It could implement a solution similar to the downloadable Kubeconfigs with StackIT CLI integration, where in this case the provider would issue a credential similar to the
stackit ske kubeconfig loginwhen the ephemeral resource is opened.