Merge pull request #178 from dimitarproynov/main

Update documentation with the OAuth App authentication capability
vmware · Feb 23, 2023 · 642c11f · 642c11f
2 parents b7a2ff8 + caa5c0a
commit 642c11f
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 7 deletions.
diff --git a/examples/main.tf b/examples/main.tf
@@ -6,7 +6,8 @@ terraform {
   }
 }
 provider "vmc" {
-  refresh_token = var.api_token
+  client_id = var.client_id
+  client_secret = var.client_secret
   org_id = var.org_id
 }
 # Empty data source defined in order to store the org display name and name in terraform state

diff --git a/examples/variables.tf b/examples/variables.tf
@@ -1,8 +1,14 @@
-variable "api_token" {
-  description = "API token used to authenticate when calling the VMware Cloud Services API."
+variable "client_id" {
+  description = "ID of an OAuth App associated with the organization. It is recommended to use an OAuth App with least-privileged roles in automated environments."
   default = ""
 }
 
+variable "client_secret" {
+  description = "Secret of the OAuth App, associated with the organization. It is recommended to use an OAuth App with least-privileged roles in automated environments."
+  default = ""
+}
+
+
 variable "org_id" {
   description = "Organization Identifier."
   default = ""

diff --git a/website/docs/index.html.markdown b/website/docs/index.html.markdown
@@ -21,18 +21,22 @@ resources.
 In order to use the provider you need to obtain the authentication
 token from the Cloud Service Provider by providing the org scoped API token.
 The provider client uses Cloud Service Provider (CSP) API
-to exchange this org scoped API token for user access token.
+to exchange this org scoped API token/OAuth App Id and Secret for user access token.
 
-Note that in all of the examples you will need to update the `api_token` and `org_id` settings
-in the variables.tf file to match those configured in your VMC environment.
+Note that in all the examples you will need to update the `client_id` and `client_secret` or `api_token` 
+and `org_id` settings in the variables.tf file to match those configured in your VMC environment.
 
 
 ## Argument Reference
 
 The following arguments are used to configure the VMware Cloud on AWS Provider:
 
-* `api_token` - (Required) API token is used to authenticate when calling VMware Cloud Services APIs.
+* `api_token` - (Required, in conflict with "client_id" and "client_secret") API token is used to authenticate when calling VMware Cloud Services APIs.
    This token is scoped within the organization.
+* `client_id` - (Required in pair with "client_secret", in conflict with "api_token") ID of OAuth App associated with the organization. The combination with
+   "client_secret" is used to authenticate when calling VMware Cloud Services APIs.
+* `client_secret` - (Required in pair with "client_id", in conflict with "api_token") Secret of OAuth App associated with the organization. The combination with
+  "client_id" is used to authenticate when calling VMware Cloud Services APIs.
 *  `org_id` - (Required) Organization Identifier.
 *  `vmc_url` - (Optional) VMware Cloud on AWS URL. Default : https://vmc.vmware.com
 *  `csp_url` - (Optional) Cloud Service Provider URL. Default : https://console.cloud.vmware.com