chore: cleanup unused config data

- remove token_policies from roles config data, this comes from policies.hcl inputs
- remove policies from ldap groups
- remove backend data from roles, this comes from config.hcl inputs
This commit is contained in:
2026-01-26 23:51:50 +11:00
parent 1c9e063310
commit f6d06cb319
28 changed files with 5 additions and 88 deletions
@@ -5,7 +5,4 @@ bound_service_account_namespaces:
- csi-cephrbd
- csi-cephfs
token_ttl: 60
token_policies:
- kv/service/kubernetes/au/syd1/csi/ceph-rbd-secret/read
- kv/service/kubernetes/au/syd1/csi/ceph-cephfs-secret/read
audience: vault
@@ -3,7 +3,4 @@ bound_service_account_names:
bound_service_account_namespaces:
- cert-manager
token_ttl: 60
token_policies:
- pki_int/sign/servers_default
- pki_int/issue/servers_default
audience: vault
@@ -3,6 +3,4 @@ bound_service_account_names:
bound_service_account_namespaces:
- externaldns
token_ttl: 60
token_policies:
- kv/service/kubernetes/au/syd1/externaldns/tsig/read
audience: vault
@@ -3,7 +3,4 @@ bound_service_account_names:
bound_service_account_namespaces:
- huntarr
token_ttl: 60
token_policies:
- pki_int/sign/servers_default
- pki_int/issue/servers_default
audience: vault
@@ -3,7 +3,4 @@ bound_service_account_names:
bound_service_account_namespaces:
- media-apps
token_ttl: 60
token_policies:
- kv/service/media-apps/radarr/read
- kv/service/media-apps/sonarr/read
audience: vault
@@ -3,10 +3,4 @@ bound_service_account_names:
bound_service_account_namespaces:
- repoflow
token_ttl: 60
token_policies:
- kv/service/repoflow/au/syd1/ceph-s3/read
- kv/service/repoflow/au/syd1/elasticsearch/read
- kv/service/repoflow/au/syd1/hasura/read
- kv/service/repoflow/au/syd1/postgres/read
- kv/service/repoflow/au/syd1/repoflow-server/read
audience: vault