Terraform module to deploy a tenant in HashiCorp Vault community version.
.gitea/workflows feat: add first roles and approle auth method for tenant 2024-05-24 23:50:51 +02:00
.cz.toml feat: add first roles and approle auth method for tenant 2024-05-24 23:50:51 +02:00
.pre-commit-config.yaml feat: add first roles and approle auth method for tenant 2024-05-24 23:50:51 +02:00
admin_approle.tf feat: add first roles and approle auth method for tenant 2024-05-24 23:50:51 +02:00
extra_policies.tf feat: add first roles and approle auth method for tenant 2024-05-24 23:50:51 +02:00
LICENSE Initial commit 2024-05-24 15:31:14 +00:00
main.tf feat: add first roles and approle auth method for tenant 2024-05-24 23:50:51 +02:00
outputs.tf feat: add first roles and approle auth method for tenant 2024-05-24 23:50:51 +02:00
README.md feat: add first roles and approle auth method for tenant 2024-05-24 23:50:51 +02:00
variables.tf feat: add first roles and approle auth method for tenant 2024-05-24 23:50:51 +02:00

terraform-vault-tenant

Terraform module to deploy a tenant in HashiCorp Vault community version.

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.0.0 |

Providers

| Name | Version |
|------|---------|
| random | n/a |
| vault | n/a |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| random_uuid.extra_roles_secret_id | resource |
| random_uuid.tenant_admin_secret_id | resource |
| vault_approle_auth_backend_role.extra_roles | resource |
| vault_approle_auth_backend_role.tenant_admin | resource |
| vault_approle_auth_backend_role_secret_id.extra_roles | resource |
| vault_approle_auth_backend_role_secret_id.tenant_admin | resource |
| vault_auth_backend.approle | resource |
| vault_identity_entity.extra_roles | resource |
| vault_identity_entity.tenant_admin | resource |
| vault_policy.extra_policies | resource |
| vault_policy.tenant_admin | resource |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| global_approle_mount | The mount path for the global AppRole authentication method | string | "approle" | no |
| tenant_additional_roles | A map of additional role names, each with the path to the associated policy file to add for this tenant. A separate AppRole auth method is created for this tenant (mounted at auth/-approle), including all the roles declared in this variable. | map(object({ policy_file = string })) | {} | no |
| tenant_admin_policy_file | The path to the admin policy file for this tenant | string | n/a | yes |
| tenant_name | The name of the tenant you want to create | string | n/a | yes |
| tenant_prefix | The prefix to use for the tenant in Vault (this will prefix mount points, policies, etc.) | string | n/a | yes |

The tenant_additional_roles variable should look like:

    tenant_additional_roles = {
      devs = {
        policy_file = "/some/path/to/policy.hcl"
      }
      admins = {...}
    }

Outputs

No outputs.