@@ -17,9 +17,19 @@ Application Credentials are tokens that can be used as an alternative to logging
On EMBL's de.NBI OpenStack cloud visit the [Application Credentials](https://denbi.cloud.embl.de/dashboard/identity/application_credentials/) interface and create a new application credential providing only a name.
You will then be presented with an `ID` and a `Secret` which you should use to configure terraform.
Variables can be passed to terraform directly in the command-line or through environment variables.
Variables can be passed to terraform directly in the command-line or through environment variables.
For convenience we'll be using environment variables.
### SSH Authentication
As a final step in the process of creating a VM, terraform will connect to it via SSH and, once successful, will start ansible, that will also connect via SSH.
For this process to work, you should have an `ssh-agent` running and `ssh-add` the private key that matches the public key specified in then `SSH_KEY` variable (see below for details).
Both terraform and ansible will automatically use the ssh-agent to authenticate.
If this process doesn't work for you, make sure your `ssh-agent` doesn't have too many identities loaded.
Consider retrying after deleting all identities (`ssh-add -D`) and `ssh-add` the specific private key.
### Required variables
In addition to application credentials, the following variables need to be defined for terraform.
