49889eaf22
feat: rework policies file
...
- policy files are now found automatically
2025-11-16 13:08:50 +11:00
cbee19b5f9
feat: move k8s secrets into vault
...
- update kubernetes_host to match value in jwt
- regenerate jwt token and store in vault
- add policy to enable access to jwt token
- update tf_deploy user with access to token
2025-11-16 12:42:18 +11:00
85d81fef72
feat: add transit engine
...
- add transit engine
- add policies to manage keys, encryption and decryption
- add ability to create keys to tf_vault approle
2025-11-15 15:55:51 +11:00
4364b444fd
feat: update policy names to be path based
...
- change policy names to be based on the path they are stored at
2025-11-15 10:48:17 +11:00
d508dcd4a9
feat: enable access to puppetcerts
...
- enable the terraform-incus repo to access puppet certs
2025-04-27 16:26:05 +10:00
9b9afdce58
feat: add pki for k8s
...
- add pki for k8s
- add policy to manage k8s/*/roles/*
2025-01-27 21:05:51 +11:00
f83ba13158
feat: add packer-builder role
...
- limit access to workstation and gitea runners
2025-01-11 21:01:17 +11:00
12e04b3db7
feat: add incus-cluster role/policies
...
- add policy and role to manage incus cluster join tokens
2025-01-06 23:16:06 +11:00
fc22ac1711
feat: add terraform_nomad role
...
- add approle and policy for nomad terraform
2024-12-28 17:14:14 +11:00
63dd355311
feat: add puppetapi approle/policy
2024-12-15 17:07:01 +11:00
f78416361b
feat: manage terraform access to vault
...
- add approle for terraform, tf_vault
- add policices to manage terraform access to vault
- add policices for default access to vault from ldap users
2024-09-26 22:59:40 +10:00
14790f8277
feat: import current status
...
- import pki, ssh, kv, rundeck engines
- deploy all roles from terraform
- deploy all policies from terraform
- deploy all approles from terraform
2024-09-23 22:01:18 +10:00
