Questions tagged [terraform-provider-vault]

10 questions
4 votes, 0 answers

terraform / hashicorp vault - ignore expiry of token

we're using terraform to provision various types of machines. most of these machines will sooner or later need some way to authenticate themselves to other machines. to do this, we are using a custom pki in hashicorp vault. our plan was to create a…
rmalchow
1 vote, 1 answer

HashiCorp Terraform/Vault - Why is my role max TTL configuration being ignored?

I'm trying to create a database self-service role with a max TTL (time to live) of 7 days. I have two environments, both running Vault 1.12.1, and one is working as expected and the other the logins disappear after an hour. Both roles were created…
1 vote, 0 answers

aws_role_arn not being used for Terraform Vault provider in auth_login_aws

I'm hoping to contribute some documentation on auth_login_aws because I'm trying to use the feature described in this feature request. TL;DR, despite specifying aws_role_arn in the snippet below, the provider is still trying to use the credentials…
1 vote, 1 answer

How or Where Can I Access My Vault OIDC Logs and JWT Claim Metadata

I have set up a local instance of HashiCorp Vault (Enterprise edition) to test an implementation of Vault and Azure AD Single Sign-On with OIDC. I am using Terraform to provision and configure my OIDC components in Visual Studio Code, but have run…
0 votes, 1 answer

Using terraform to fetch entity name under alias

I am trying to fetch all the entity names using data source vault_identity_entity, however unable to fetch the name of entity located under aliases. Sample code: ''' data “vault_identity_group” “group” { group_name = “vaultadmin” } data…
arcrunner
0 votes, 1 answer

Adding Entities to Vault Namespaces, Groups, or Policies Terraform

I'm having an issue with the Vault Terraform. I am able to create Entities, Namespaces, Groups, and policies but linking them together is not happening for me. I can get the policy added to the group just fine, but adding members to that group I…
Stacker
0 votes, 1 answer

HashiCorp Vault OIDC SSO - Restricting Namespace Login Access to an Azure AD Group

I have implemented an OIDC single sign-on solution for Vault, using Azure AD for user authentication. To date, it all works pretty well and myself and other users within my organisation are able to log in to Vault successfully via Azure AD SSO. Not…
0 votes, 0 answers

Terraform Vault Provider with AWS method not seeing AWS_PROFILE

I've set up my Terraform vault provider as follows and configured the appropriate dev-role-iam role in vault with a suitable principal as shown and this is working through our build system with no issues retrieving secrets. provider "vault" { …
0 votes, 1 answer

HashiCorp Vault Required Provider Configuration in Terraform

My GitLab CI pipeline terraform configuration requires a couple of required_provider blocks to be declared. These are "hashicorp/azuread" and "hashicorp/vault" and so in my provider.tf file, I have given the below declaration: terraform { …
hitman126
-1 votes, 1 answer

Data source doesn't refresh contents while planning

data "vault_generic_secret" "nr" { path = "secret/secrets" } I have this code to fetch data from Vault. I have added a new secret(newrelic_license_key) in the same vault location and while running terraform plan I am getting the following…