feat: change certmanage to approles

- created approle 'certmanager' using 'certmanager' policy
- update certmanager script to generate token based on roleid
This commit is contained in:
2024-04-04 00:32:08 +11:00
parent e69b3a9dc4
commit 5bde96fb4d
4 changed files with 26 additions and 5 deletions
+2 -1
View File
@@ -30,6 +30,7 @@ profiles::puppet::gems::puppet:
profiles::helpers::certmanager::vault_config:
addr: 'https://198.18.17.39:8200'
mount_point: 'pki_int'
approle_path: 'approle'
role_name: 'servers_default'
output_path: '/tmp/certmanager'
token: "%{lookup('certmanager::vault_token')}"
role_id: "%{lookup('certmanager::role_id')}"