Open
Description
Describe the bug
I'm trying to use the elasticstack_fleet_enrollment_tokens data source, when using an api key for authentication.
Performing a terraform plan fails with a 401 Unauthorized status.
{"statusCode":401,"error":"Unauthorized","message":"[security_exception\n\tRoot causes:\n\t\tsecurity_exception: unable to authenticate with provided credentials and anonymous access is not allowed for this request]: unable to authenticate with provided credentials and anonymous access is not allowed for this request"}
To Reproduce
Steps to reproduce the behavior:
provider "elasticstack" {
fleet { # TODO inject
endpoint = "https://replace-me.kb.eu-west-1.aws.found.io:443"
api_key = "REPLACE_ME_APIKEY"
}
}
data "elasticstack_fleet_enrollment_tokens" "current" {
policy_id = null # fetch all tokenss
}
Expected behavior
Can use an apikey to authenticate with fleet.
Debug output
Run terraform command with TF_LOG=trace and provide extended information on TF operations.
Additional context
I verified that the apikey works when contacting the api directly.
After checking the provider implementation, I suspect that the provider sends authorization headers with the Bearer prefix. Apikeys are expected to use the Apikey prefix though - https://www.elastic.co/guide/en/cloud/current/ec-api-authentication.html