Prerequisites
- Terraform Cloud and Enterprise
- Bitbucket Datacenter and Server
- Terminal with access to openssl and ssh-keygen commands
Use Case
- Generate a consumer and PEM key pair to setup the VCS provider connection to Bitbucket Datacenter and Server. This applies to Step 1 item 5 of the official documentation
Procedure
- Toggle Use Custom Keys, it will display three empty fields for: Consumer key, Public key and Private key
- Open the terminal and generate a consumer key and paste it in HCP/TFE
❯ openssl rand -base64 32|pbcopy
QO2TjuZ6FzbWMqJcA6uR757NJOi65be1yZBqgl0A9aw= - Generate a custom SSH key first (adjust the path and key name appropriately). Only hit enter when prompted for a passphrase.
❯ ssh-keygen -t rsa -m PEM -f "/Users/jsorondo/.ssh/custom_terraform" -C "custom_terraform_enterprise"
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/jsorondo/.ssh/custom_terraform
Your public key has been saved in /Users/jsorondo/.ssh/custom_terraform.pub
The key fingerprint is:
SHA256:qC5yFJJ42HJuGqJSML+fUDIu3/Ze+ZIEz/hLEJEy86k custom_terraform_enterprise
The key's randomart image is:
+---[RSA 3072]----+
| .. |
| + .. |
|.+ =.. |
|O = +o |
| Xo...o=S |
|o.*+E...+. |
|+*o.. o+. |
|=o++.. o+. |
|.o.+=oo .o. |
+----[SHA256]-----+
- Using openssl retrieve the public key in PEM format, copy to the clipboard and paste it in the Public key field.
❯ openssl rsa -in ~/.ssh/custom_terraform -outform PEM -pubout -out ~/.ssh/pubkey.pem
writing RSA key
❯ cat ~/.ssh/pubkey.pem|pbcopy - Copy the private key to the clipboard and paste it in the Private key field
cat ~/.ssh/custom_terraform|pbcopy
- Continue from Step 2 of the official documentation to complete the setup