diff --git a/builtin/providers/triton/provider.go b/builtin/providers/triton/provider.go
index 4c21722c2..8a56b5dc4 100644
--- a/builtin/providers/triton/provider.go
+++ b/builtin/providers/triton/provider.go
@@ -42,6 +42,12 @@ func Provider() terraform.ResourceProvider {
 Required: true,
 DefaultFunc: schema.MultiEnvDefaultFunc([]string{"TRITON_KEY_ID", "SDC_KEY_ID"}, ""),
 },
+
+ "insecure_skip_tls_verify": {
+ Type: schema.TypeBool,
+ Optional: true,
+ DefaultFunc: schema.EnvDefaultFunc("TRITON_SKIP_TLS_VERIFY", ""),
+ },
 },
 ResourcesMap: map[string]*schema.Resource{
@@ -56,10 +62,11 @@ func Provider() terraform.ResourceProvider {
 }
 type Config struct {
- Account string
- KeyMaterial string
- KeyID string
- URL string
+ Account string
+ KeyMaterial string
+ KeyID string
+ URL string
+ InsecureSkipTLSVerify bool
 }
 func (c Config) validate() error {
@@ -98,6 +105,10 @@ func (c Config) getTritonClient() (*triton.Client, error) {
 return nil, errwrap.Wrapf("Error Creating Triton Client: {{err}}", err)
 }
+ if c.InsecureSkipTLSVerify {
+ client.InsecureSkipTLSVerify()
+ }
+
 return client, nil
 }
@@ -106,6 +117,8 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) {
 Account: d.Get("account").(string),
 URL: d.Get("url").(string),
 KeyID: d.Get("key_id").(string),
+
+ InsecureSkipTLSVerify: d.Get("insecure_skip_tls_verify").(bool),
 }
 if keyMaterial, ok := d.GetOk("key_material"); ok {
diff --git a/website/source/docs/providers/triton/index.html.markdown b/website/source/docs/providers/triton/index.html.markdown
index 7dc866d27..22b9a40e6 100644
--- a/website/source/docs/providers/triton/index.html.markdown
+++ b/website/source/docs/providers/triton/index.html.markdown
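Review bot: The `insecure_skip_tls_verify` schema entry in the first `Provider()` hunk gives a `TypeBool` field a string default, `schema.EnvDefaultFunc("TRITON_SKIP_TLS_VERIFY", "")`, so the secure default depends on how the schema layer coerces an empty string instead of being stated outright. I would write `DefaultFunc: schema.EnvDefaultFunc("TRITON_SKIP_TLS_VERIFY", false),` and add a `Description:` line saying that the option disables certificate verification of the Triton endpoint. Because the environment variable alone can turn verification off with nothing in the configuration files, `TRITON_SKIP_TLS_VERIFY` should also be named in the provider documentation, which the markdown hunk of this commit does not do. The body of `Provider()` continues outside the hunk.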
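Review bot: The new `InsecureSkipTLSVerify` field in the `Config` hunk has no comment, although it is the one field of the struct whose zero value matters for security. I would add `// InsecureSkipTLSVerify disables TLS certificate verification of the Triton endpoint; leave false outside throwaway installations.` above it. Whether `validate()` should warn on or reject this flag cannot be judged from here, since its body is outside the hunk.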
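Review bot: Nothing in the `getTritonClient` hunk records that certificate verification was turned off: when `c.InsecureSkipTLSVerify` is true the client is switched silently, and from then on the key-signed API requests go to an endpoint whose identity is not checked. A warning inside the new `if` block, for example `log.Printf("[WARN] triton: TLS certificate verification is disabled for %s", c.URL)`, would make the downgrade visible in plan and apply logs; this assumes `log` is imported in this file, which the hunk does not show. For private installations with a self-signed certificate, an option to supply a CA bundle would be a safer long-term alternative to disabling verification, if the client library supports one. The function starts outside the hunk.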
@@ -33,3 +33,4 @@ The following arguments are supported in the `provider` block:
 * `key_material` - (Optional) This is the private key of an SSH key associated with the Triton account to be used. If this is not set, the private key corresponding to the fingerprint in `key_id` must be available via an SSH Agent.
 * `key_id` - (Required) This is the fingerprint of the public key matching the key specified in `key_path`. It can be obtained via the command `ssh-keygen -l -E md5 -f /path/to/key`
 * `url` - (Optional) This is the URL to the Triton API endpoint. It is required if using a private installation of Triton. The default is to use the Joyent public cloud us-west-1 endpoint. Valid public cloud endpoints include: `us-east-1`, `us-east-2`, `us-east-3`, `us-sw-1`, `us-west-1`, `eu-ams-1`
+* `insecure_skip_tls_verify` (Optional - defaults to false) This allows skipping TLS verification of the Triton endpoint. It is useful when connecting to a temporary Triton installation such as Cloud-On-A-Laptop which does not generally use a certificate signed by a trusted root CA.