unkin/terraform-vault
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: unkin:d5bd00d8abaf73d2a3ffb8cbf3aa1bd1df96ed39
Branches Tags
unkin:master
..
compare: unkin:bfda3f2f722b34840053356f2d56c34cad9ffa7d
Branches Tags
unkin:master

No commits in common. "d5bd00d8abaf73d2a3ffb8cbf3aa1bd1df96ed39" and "bfda3f2f722b34840053356f2d56c34cad9ffa7d" have entirely different histories.
d5bd00d8ab ... bfda3f2f72

3 changed files with 1 additions and 19 deletions
Show Stats Expand all files Collapse all files

14
auth_approle_puppetapi.tf
View File

@ -1,14 +0,0 @@
resource "vault_approle_auth_backend_role" "puppetapi" {
role_name = "puppetapi"
bind_secret_id = false
token_policies = ["puppetapi_read_tokens"]
token_ttl = 30
token_max_ttl = 30
token_bound_cidrs = [
"198.18.17.3/32",
"198.18.13.32/32",
"198.18.13.33/32",
"198.18.13.34/32",
"198.18.13.46/32"
]
}

3
policies.tf
View File

@ -11,8 +11,7 @@ locals {
"policies/rundeck", "policies/rundeck",
"policies/ssh-host-signer", "policies/ssh-host-signer",
"policies/sshca", "policies/sshca",
"policies/kv/service/glauth/services", "policies/kv/service/glauth/services"
"policies/kv/service/puppetapi",
] ]
} }

3
policies/kv/service/puppetapi/puppetapi_read_tokens.hcl
View File

@ -1,3 +0,0 @@
path "kv/data/service/puppetapi/tokens" {
capabilities = ["read"]
}