unkin/terraform-vault
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: kubernetes auth fixes #53

Merged
unkinben merged 1 commits from benvin/kubernetes_fixes into master 2026-02-15 13:08:43 +11:00
Conversation 0 Commits 1 Files Changed 10 +10 -10
10 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
config/auth_kubernetes_backend/k8s/au/syd1.yaml
View File

@ -1,5 +1,5 @@
kubernetes_host: https://api-k8s.service.consul:6443 kubernetes_host: https://api-k8s.service.consul:6443
disable_iss_validation: true disable_iss_validation: true
use_annotations_as_alias_metadata: true use_annotations_as_alias_metadata: false # doesnt work with openbao yet
default_lease_ttl: 1h default_lease_ttl: 1h
max_lease_ttl: 24h max_lease_ttl: 24h

2
config/auth_kubernetes_role/k8s/au/syd1/ceph-csi.yaml
View File

@ -4,5 +4,5 @@ bound_service_account_names:
bound_service_account_namespaces: bound_service_account_namespaces:
- csi-cephrbd - csi-cephrbd
- csi-cephfs - csi-cephfs
token_ttl: 60 token_ttl: 600
audience: vault audience: vault

2
config/auth_kubernetes_role/k8s/au/syd1/cert_manager_issuer.yaml
View File

@ -2,5 +2,5 @@ bound_service_account_names:
- cert-manager-vault-issuer - cert-manager-vault-issuer
bound_service_account_namespaces: bound_service_account_namespaces:
- cert-manager - cert-manager
token_ttl: 60 token_ttl: 600
audience: vault audience: vault

2
config/auth_kubernetes_role/k8s/au/syd1/externaldns.yaml
View File

@ -2,5 +2,5 @@ bound_service_account_names:
- externaldns - externaldns
bound_service_account_namespaces: bound_service_account_namespaces:
- externaldns - externaldns
token_ttl: 60 token_ttl: 600
audience: vault audience: vault

2
config/auth_kubernetes_role/k8s/au/syd1/huntarr-default.yaml
View File

@ -2,5 +2,5 @@ bound_service_account_names:
- default - default
bound_service_account_namespaces: bound_service_account_namespaces:
- huntarr - huntarr
token_ttl: 60 token_ttl: 600
audience: vault audience: vault

2
config/auth_kubernetes_role/k8s/au/syd1/identity.yaml
View File

@ -2,5 +2,5 @@ bound_service_account_names:
- default - default
bound_service_account_namespaces: bound_service_account_namespaces:
- identity - identity
token_ttl: 60 token_ttl: 600
audience: vault audience: vault

2
config/auth_kubernetes_role/k8s/au/syd1/media-apps.yaml
View File

@ -2,5 +2,5 @@ bound_service_account_names:
- media-apps-vault-reader - media-apps-vault-reader
bound_service_account_namespaces: bound_service_account_namespaces:
- media-apps - media-apps
token_ttl: 60 token_ttl: 600
audience: vault audience: vault

2
config/auth_kubernetes_role/k8s/au/syd1/puppet.yaml
View File

@ -2,5 +2,5 @@ bound_service_account_names:
- default - default
bound_service_account_namespaces: bound_service_account_namespaces:
- puppet - puppet
token_ttl: 60 token_ttl: 600
audience: vault audience: vault

2
config/auth_kubernetes_role/k8s/au/syd1/rancher.yaml
View File

@ -2,5 +2,5 @@ bound_service_account_names:
- rancher - rancher
bound_service_account_namespaces: bound_service_account_namespaces:
- cattle-system - cattle-system
token_ttl: 60 token_ttl: 600
audience: vault audience: vault

2
config/auth_kubernetes_role/k8s/au/syd1/repoflow.yaml
View File

@ -2,5 +2,5 @@ bound_service_account_names:
- default - default
bound_service_account_namespaces: bound_service_account_namespaces:
- repoflow - repoflow
token_ttl: 60 token_ttl: 600
audience: vault audience: vault