# Remote state for this configuration is kept in a GCS bucket under a
# dedicated prefix. Terraform state can contain sensitive values, so read
# access to the bucket is worth limiting to the identities that run Terraform.
terraform {
  backend "gcs" {
    prefix = "tools/hashicorp_vault/main"
    bucket = "arcodange-tf"
  }
}
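# Address of the Vault API that the provider below connects to.
variable "vault_address" {
  type        = string
  description = "Base URL of the Vault server. The default targets a loopback listener over plain HTTP; use an https:// URL for any non-loopback address, because the JWT login and the resulting Vault token travel over this connection."
  default     = "http://127.0.0.1:8200"
}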
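# Provider requirements. The version is pinned to an exact release so that
# every run uses the same provider build.
terraform {
  required_providers {
    vault = {
      # Fully qualified source: the bare name "vault" resolves to the same
      # registry address, but spelling out the namespace makes the publisher
      # explicit to reviewers.
      source  = "hashicorp/vault"
      version = "4.4.0"
    }
  }
}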
# Vault provider: connects to var.vault_address and logs in through the JWT
# auth method as the role "admin".
provider "vault" {
  address = var.vault_address

  # The signed JWT is not written in this file; the provider takes it from the
  # TERRAFORM_VAULT_AUTH_JWT environment variable, which keeps the credential
  # out of the configuration.
  # NOTE(review): the Vault-side definition of this role (bound claims,
  # audience, token TTL) is not visible here. The "admin" policy in this file
  # grants every capability on every path, so confirm the role only accepts
  # the intended identities.
  auth_login_jwt {
    role = "admin"
  }
}
# Renders the HCL for the "admin" policy.
# The single rule matches every path ("*") and grants all listed capabilities,
# including "sudo", so any token carrying this policy can manage the whole
# Vault instance. Treat changes to who can obtain it as security-sensitive.
data "vault_policy_document" "admin" {
  rule {
    description  = "admin privileges"
    path         = "*"
    capabilities = ["create", "read", "update", "delete", "list", "sudo"]
  }
}
# Registers the rendered document in Vault as the policy named "admin".
resource "vault_policy" "admin" {
  # Policy body comes from the vault_policy_document data source above.
  policy = data.vault_policy_document.admin.hcl
  name   = "admin"
}