terraform-registry/terraform-vault-tenant
terraform-registry/terraform-vault-tenant
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: remove duplicate resource
All checks were successful
development / Check commit compliance (push) Successful in 4s
Details
pull-requests-open / Check commit compliance (pull_request) Successful in 5s
Details

Browse Source
This commit is contained in:
Bertrand Lanson 2024-05-26 16:24:57 +02:00
parent 23ba2c3cea
commit 47f53a2a20
Signed by: lanson
SSH Key Fingerprint: SHA256:/nqc6HGqld/PS208F6FUOvZlUzTS0rGpNNwR5O2bQBw
3 changed files with 10 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@ -38,8 +38,7 @@ No modules.
| [vault_approle_auth_backend_role_secret_id.tenant_admin](https://registry.terraform.io/providers/hashicorp/vault/latest/docs/resources/approle_auth_backend_role_secret_id) | resource |
| [vault_auth_backend.approle](https://registry.terraform.io/providers/hashicorp/vault/latest/docs/resources/auth_backend) | resource |
| [vault_identity_entity.extra_roles](https://registry.terraform.io/providers/hashicorp/vault/latest/docs/resources/identity_entity) | resource |
| [vault_identity_entity.tenant_admin](https://registry.terraform.io/providers/hashicorp/vault/latest/docs/resources/identity_entity) | resource |
| [vault_identity_group.tenant_group](https://registry.terraform.io/providers/hashicorp/vault/latest/docs/resources/identity_group) | resource |
| [vault_identity_group.this](https://registry.terraform.io/providers/hashicorp/vault/latest/docs/resources/identity_group) | resource |
| [vault_identity_group_alias.this](https://registry.terraform.io/providers/hashicorp/vault/latest/docs/resources/identity_group_alias) | resource |
| [vault_policy.extra_policies](https://registry.terraform.io/providers/hashicorp/vault/latest/docs/resources/policy) | resource |
| [vault_policy.tenant_admin](https://registry.terraform.io/providers/hashicorp/vault/latest/docs/resources/policy) | resource |

13
admin_role.tf
View File

@ -12,19 +12,6 @@ resource "vault_approle_auth_backend_role_secret_id" "tenant_admin" {
secret_id = random_uuid.tenant_admin_secret_id.result
}
resource "vault_identity_group" "tenant_group" {
name = var.tenant_name
type = "internal"
}
resource "vault_identity_entity" "tenant_admin" {
name = "${var.tenant_prefix}-admin"
metadata = {
tenant = var.tenant_name
prefix = var.tenant_prefix
}
}
resource "vault_policy" "tenant_admin" {
name = "${var.tenant_name}-admin"
policy = var.tenant_admin_policy_file == null ? templatefile("${path.module}/policies/tenant-admins.policy.hcl", { tenant_prefix = var.tenant_prefix }) : file(var.tenant_admin_policy_file)

9
approle_auth.tf
View File

@ -7,6 +7,15 @@ resource "vault_auth_backend" "approle" {
}
}
resource "vault_identity_group" "this" {
name = var.tenant_name
type = "internal"
metadata = {
tenant = var.tenant_name
prefix = var.tenant_prefix
}
}
resource "vault_identity_group_alias" "this" {
name = var.tenant_name
mount_accessor = vault_auth_backend.approle.accessor