unkin/terraform-vault
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
ad1118af85
terraform-vault/auth_approle_tf_vault.tf
Ben Vincent cafa887cdc chore: remove references k8s pki policy 
- missed from previous pr
- policy no longer exists, remove it from the approle
2025-11-27 21:07:50 +11:00

31 lines
909 B
HCL
Raw Blame History

resource "vault_approle_auth_backend_role" "tf_vault" {
role_name = "tf_vault"
bind_secret_id = false
token_policies = [
"default_access",
"auth/token/auth_token_create",
"auth/token/auth_token_self",
"auth/token/auth_token_roles_admin",
"auth/approle/approle_role_admin",
"auth/approle/approle_role_login",
"approle_token_create",
"auth/kubernetes/k8s_auth_admin",
"auth/ldap/ldap_admin",
"pki_int/pki_int_roles_admin",
"pki_root/pki_root_roles_admin",
"ssh-host-signer/ssh-host-signer_roles_admin",
"sshca/sshca_roles_admin",
"kv/service/glauth/services/svc_vault_read",
"sys/sys_auth_admin",
"sys/sys_mounts_admin",
"sys/sys_policy_admin",
"transit/keys/admin",
"kv/service/kubernetes/au/syd1/token_reviewer_jwt/read",
]
token_ttl = 60
token_max_ttl = 120
token_bound_cidrs = [
"10.10.12.200/32",
]
}
Reference in New Issue View Git Blame Copy Permalink