Add auth and state access for terraform-authentik (#78)
ci/woodpecker/push/apply Pipeline was successful
ci/woodpecker/push/apply Pipeline was successful
## Summary - K8s auth role for Woodpecker CI (`terraform-authentik` SA in `woodpecker` namespace) - AppRole for local terraform runs - Consul secret backend role (`terraform-authentik`, TTL 120/300) - Consul ACL policy for `infra/terraform/authentik/` key prefix - Vault policy granting both auth methods access to Consul creds Reviewed-on: #78 Co-authored-by: Ben Vincent <ben@unkin.net> Co-committed-by: Ben Vincent <ben@unkin.net>
This commit was merged in pull request #78.
This commit is contained in:
@@ -0,0 +1,7 @@
|
||||
key_prefix "infra/terraform/authentik/" {
|
||||
policy = "write"
|
||||
}
|
||||
|
||||
session_prefix "" {
|
||||
policy = "write"
|
||||
}
|
||||
Reference in New Issue
Block a user