terraform-vault/policies.tf
Ben Vincent f78416361b feat: manage terraform access to vault
- add approle for terraform, tf_vault
- add policies to manage terraform access to vault
- add policies for default access to vault from ldap users
2024-09-26 22:59:40 +10:00


# Directories that are scanned for Vault policy files. Paths are relative
# and are handed to the policy_files loader below, which picks up only the
# *.hcl files sitting directly inside each directory; a nested directory
# is therefore only managed if it is listed here explicitly.
locals {
  policy_directories = [
    # root and sys policies
    "policies",
    "policies/sys",

    # per-auth-method policies
    "policies/auth/approle",
    "policies/auth/ldap",
    "policies/auth/token",

    # PKI
    "policies/pki_int",
    "policies/pki_root",

    # integrations and SSH signing
    "policies/rundeck",
    "policies/ssh-host-signer",
    "policies/sshca",

    # KV-backed service credentials
    "policies/kv/service/glauth/services",
  ]
}
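# Enumerate every *.hcl file directly inside each listed directory and turn
# it into a { name, path } object consumed by vault_policy.policies:
#   name - the file name without its ".hcl" suffix. This becomes the Vault
#          policy name, so it must be unique across ALL listed directories;
#          two files with the same base name in different directories
#          collide as duplicate map keys in the for_each and fail the plan
#          rather than silently overwriting each other.
#   path - the file location, anchored to path.module so the lookup does not
#          depend on the working directory terraform happens to be run from.
locals {
  policy_files = flatten([
    # The iterator is named "dir" rather than "path": a for-expression
    # variable called "path" would shadow the path.module object inside
    # the expression.
    for dir in local.policy_directories : [
      for policy in fileset("${path.module}/${dir}", "*.hcl") : {
        # trimsuffix strips only the trailing ".hcl"; replace() would also
        # rewrite a ".hcl" that occurs in the middle of a file name.
        name = trimsuffix(policy, ".hcl")
        path = "${path.module}/${dir}/${policy}"
      }
    ]
  ])
}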
# One vault_policy resource per discovered policy file, keyed by policy name
# so that each file maps to a stable resource address. The policy body is
# the file's contents verbatim: the .hcl files are the source of truth for
# what each policy grants and should be reviewed like code.
resource "vault_policy" "policies" {
  for_each = { for p in local.policy_files : p.name => p }

  name   = each.key
  policy = file(each.value.path)
}