add ops_ prefix to policies applied to cicd role

2025-12-03 15:16:46 +01:00
parent 50f8ea95be
commit c490d37fd7
4 changed files with 4 additions and 4 deletions
--- a/hashicorp-vault/iac/modules/app_policy/main.tf
+++ b/hashicorp-vault/iac/modules/app_policy/main.tf
@@ -129,7 +129,7 @@ data "vault_auth_backend" "gitea_jwt" {
 resource "vault_jwt_auth_backend_role" "gitea_jwt_cicd" {
  backend        = data.vault_auth_backend.gitea_jwt.path
  role_name      = "gitea_cicd_${local.name}"
-  token_policies = concat(["default"], var.policies) # give "${local.name}-ops" role to group of entities
+  token_policies = concat(["default"], var.ops_policies) # give "${local.name}-ops" role to group of entities

  bound_audiences = [
    var.gitea_app_id,
--- a/hashicorp-vault/iac/modules/app_policy/variables.tf
+++ b/hashicorp-vault/iac/modules/app_policy/variables.tf
@@ -4,7 +4,7 @@ variable "name" {
 variable "gitea_app_id" {
  type = string
 }
-variable "policies" {
+variable "ops_policies" {
  type    = list(string)
  default = []
 }