3e771b3783
- K8s auth role for Woodpecker CI (terraform-authentik SA) - AppRole for local runs - Consul secret backend role for state storage - Consul ACL policy for infra/terraform/authentik/ key prefix - Vault policy granting creds access to both auth methods
12 lines
196 B
YAML
12 lines
196 B
YAML
---
|
|
rules:
|
|
- path: "consul_root/au/syd1/creds/terraform-authentik"
|
|
capabilities:
|
|
- read
|
|
|
|
auth:
|
|
approle:
|
|
- terraform_authentik
|
|
k8s/au/syd1:
|
|
- woodpecker_terraform_authentik
|