include "root" { path = find_in_parent_folders("root.hcl") expose = true } include "config" { path = "${get_repo_root()}/config/config.hcl" expose = true } include "policies" { path = "${get_repo_root()}/policies/policies.hcl" expose = true } locals { # Extract country and region from path path_parts = split("/", dirname(get_terragrunt_dir())) country = basename(dirname(get_terragrunt_dir())) # "au" region = basename(get_terragrunt_dir()) # "syd1" # Include configuration from config.hcl config = include.config.locals.config # Include policies from policies.hcl policies = include.policies.locals } terraform { source = "../../../modules/vault_cluster" } inputs = { country = local.country region = local.region # Pass configuration maps to vault_cluster module auth_approle_backend = local.config.auth_approle_backend auth_approle_role = local.config.auth_approle_role auth_ldap_backend = local.config.auth_ldap_backend auth_ldap_group = local.config.auth_ldap_group auth_kubernetes_backend = local.config.auth_kubernetes_backend auth_kubernetes_role = local.config.auth_kubernetes_role kv_secret_backend = local.config.kv_secret_backend transit_secret_backend = local.config.transit_secret_backend transit_secret_backend_key = local.config.transit_secret_backend_key ssh_secret_backend = local.config.ssh_secret_backend ssh_secret_backend_role = local.config.ssh_secret_backend_role pki_secret_backend = local.config.pki_secret_backend pki_secret_backend_role = local.config.pki_secret_backend_role consul_secret_backend = local.config.consul_secret_backend consul_secret_backend_role = local.config.consul_secret_backend_role kubernetes_secret_backend = local.config.kubernetes_secret_backend kubernetes_secret_backend_role = local.config.kubernetes_secret_backend_role pki_mount_only = local.config.pki_mount_only # Pass policy maps to vault_cluster module policy_auth_map = local.policies.policy_auth_map policy_rules_map = local.policies.policy_rules_map }