Alternative authentication
Set up authorization to best fit the way you work by customizing your credentials.
Use multiple API clients
Having more than one API client lets you set the scope of work at the authentication level.
- Manage different sets of credentials for staging and production.
- Set which services a client has access to and to what level, read, write, or both.
- Differentiate client accounts and contracts.
To use multiple API clients, place all sets of your credentials in the same .edgerc
file, separating them with an empty line and under a new header.
Headers must be inside brackets and use lowercase letters. If needed, you can use dashes, underscores, and spaces.
[default]
client_secret = exampleabcdEcSnaAt123FNkBxy456z25qx9Yp5CPUxlEfQeTDk
host = exampleakab-lmn789n2k53w7qrs10cxy-nfkxaa4lf.luna.akamaiapis.net
access_token = exampleakab-zyx987xa6osbli4k-e7jf5ikib
client_token = exampleakab-nomoflavjuc4422-fa2xznerx
[second_section]
client_secret = exampleabcdEcSnaAt123FNkBxy456z25qx9Yp5CPUxlEfQeTD
host = example2akab-lmn789n2k53w7qrs10cx-nfkxaa4lf.luna.akamaiapis.net
access_token = example2akab-zyx987xa6osblik-e7jf5ikib
client_token = example2akab-nomoflavuc4422-fa2xznerx
Use the section header you need as the value for the config_section
argument in the provider block of your akamai.tf
file.
provider "akamai" {
edgerc = "~/.edgerc"
config_section = "second_section"
}
Switch accounts
When you're working with more than one account, move between them using an account switch key with an API client enabled to manage multiple accounts.
If you already have a managed API key, skip to step 3.
-
Navigate to the Users and API Clients section of Akamai Control Center, click Create API client, and choose to create an advanced client.
-
At Client options, choose to let your client manage multiple accounts, set the remainder of the permissions to your use case, and click create.
-
On your API client's details page, enter the account name or ID you want in the accounts you manage field. Copy the account switch key provided and your client's credentials.
-
Open your
.edgerc
file and paste in your credentials under a descriptive heading. Add to the bottom of this list anaccount_key
field with your account switch key as the value. Save your changes.If you have multiple accounts, you can use the same base set of credentials with different switch keys for each of your accounts.
[my_managed_account] client_secret = C113nt53KR3TN6N90yVuAgICxIRwsObLi0E67/N8eRN= host = akab-h05tnam3wl42son7nktnlnnx-kbob3i3v.luna.akamaiapis.net access_token = akab-acc35t0k3nodujqunph3w7hzp7-gtm6ij client_token = akab-c113ntt0k3n4qtari252bfxxbsl-yvsdj account_key = A-CCT1234:A-CCT5432
[base_managed_credentials] client_secret = C113nt53KR3TN6N90yVuAgICxIRwsObLi0E67/N8eRN= host = akab-h05tnam3wl42son7nktnlnnx-kbob3i3v.luna.akamaiapis.net access_token = akab-acc35t0k3nodujqunph3w7hzp7-gtm6ij client_token = akab-c113ntt0k3n4qtari252bfxxbsl-yvsdj [base_managed_creds_plus_acctkey1] client_secret = C113nt53KR3TN6N90yVuAgICxIRwsObLi0E67/N8eRN= host = akab-h05tnam3wl42son7nktnlnnx-kbob3i3v.luna.akamaiapis.net access_token = akab-acc35t0k3nodujqunph3w7hzp7-gtm6ij client_token = akab-c113ntt0k3n4qtari252bfxxbsl-yvsdj account_key = A-CCT1234:A-CCT5432 [base_managed_creds_plus_acctkey2] client_secret = C113nt53KR3TN6N90yVuAgICxIRwsObLi0E67/N8eRN= host = akab-h05tnam3wl42son7nktnlnnx-kbob3i3v.luna.akamaiapis.net access_token = akab-acc35t0k3nodujqunph3w7hzp7-gtm6ij client_token = akab-c113ntt0k3n4qtari252bfxxbsl-yvsdj account_key = A-CCT9876:A-CCT7890
-
In your Terraform configuration file, locate the
config_section
argument. Change the value to your account switch set of credentials to make infrastructure changes for that account.All Terraform commands you run use the account switch key to access and configure infrastructure until you change the section value.
provider "akamai" { edgerc = "~/.edgerc" config_section = "my_managed_account" }
See also
Updated 7 months ago