auth_kubernetes_roles.tf

@@ -95,23 +95,3 @@ resource "vault_kubernetes_auth_backend_role" "media-apps" {
   ]
   audience = "vault"
 }
-
-resource "vault_kubernetes_auth_backend_role" "repoflow" {
-  backend   = vault_auth_backend.kubernetes.path
-  role_name = "repoflow"
-  bound_service_account_names = [
-    "default",
-  ]
-  bound_service_account_namespaces = [
-    "repoflow",
-  ]
-  token_ttl = 60
-  token_policies = [
-    "kv/service/repoflow/au/syd1/ceph-s3/read",
-    "kv/service/repoflow/au/syd1/elasticsearch/read",
-    "kv/service/repoflow/au/syd1/hasura/read",
-    "kv/service/repoflow/au/syd1/postgres/read",
-    "kv/service/repoflow/au/syd1/repoflow-server/read",
-  ]
-  audience = "vault"
-}

policies/kv/service/repoflow/au/syd1/ceph-s3/read.hcl

@@ -1,3 +0,0 @@
-path "kv/data/service/repoflow/au/syd1/ceph-s3" {
-  capabilities = ["read"]
-}

policies/kv/service/repoflow/au/syd1/elasticsearch/read.hcl

@@ -1,3 +0,0 @@
-path "kv/data/service/repoflow/au/syd1/elasticsearch" {
-  capabilities = ["read"]
-}

policies/kv/service/repoflow/au/syd1/hasura/read.hcl

@@ -1,3 +0,0 @@
-path "kv/data/service/repoflow/au/syd1/hasura" {
-  capabilities = ["read"]
-}

policies/kv/service/repoflow/au/syd1/postgres/read.hcl

@@ -1,3 +0,0 @@
-path "kv/data/service/repoflow/au/syd1/postgres" {
-  capabilities = ["read"]
-}

policies/kv/service/repoflow/au/syd1/repoflow-server/read.hcl

@@ -1,3 +0,0 @@
-path "kv/data/service/repoflow/au/syd1/repoflow-server" {
-  capabilities = ["read"]
-}