{"id":25115742,"url":"https://github.com/devops-rob/terraform-vault-azuread-groups","last_synced_at":"2025-04-02T11:41:29.240Z","repository":{"id":43818888,"uuid":"431535696","full_name":"devops-rob/terraform-vault-azuread-groups","owner":"devops-rob","description":"This module is designed to read all Azure Active Directory (AAD) groups in an Azure Tenant, and create external identity groups in HashiCorp Vault and Group aliases that tie these all together.","archived":false,"fork":false,"pushed_at":"2022-02-17T19:08:06.000Z","size":8,"stargazers_count":2,"open_issues_count":1,"forks_count":3,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-02-08T02:35:29.567Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/devops-rob.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-11-24T15:28:28.000Z","updated_at":"2022-01-15T00:10:26.000Z","dependencies_parsed_at":"2022-09-19T17:10:33.547Z","dependency_job_id":null,"html_url":"https://github.com/devops-rob/terraform-vault-azuread-groups","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devops-rob%2Fterraform-vault-azuread-groups","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devops-rob%2Fterraform-vault-azuread-groups/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devops-rob%2Fterraform-vault-azuread-groups/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devops-rob%2Fterraform-vault-azuread-groups/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/devops-rob","download_url":"https://codeload.github.com/devops-rob/terraform-vault-azuread-groups/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246811183,"owners_count":20837745,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-02-08T02:33:52.701Z","updated_at":"2025-04-02T11:41:28.933Z","avatar_url":"https://github.com/devops-rob.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Azure Active Directory Groups to Vault External Identity Groups\n\nThis module is designed to read all Azure Active Directory (AAD) groups in an Azure Tenant, and create external identity groups in HashiCorp Vault and Group aliases that tie these all together.\n\nAAD groups can be filtered to only create HashiCorp Vault External groups for Security-enabled AAD groups or Mail-enabled AAD groups. For the best results, this module should be run on an automated CICD pipeline and regular intervals to ensure changes in AAD groups are quickly replicated to HashiCorp Vault.\n\n## Example Usage\n\n**All Groups**\n\n```hcl\nterraform {\n  required_providers {\n    azuread = {\n      source  = \"hashicorp/azuread\"\n      version = \"~\u003e 2.10.0\"\n    }\n  }\n}\n\nprovider \"vault\" {\n  address = \"http://localhost:8200\"\n  token   = var.vault_token\n}\n\nprovider \"azuread\" {}\n\nvariable \"vault_token\" {}\n\nmodule \"groups\" {\n  source = \"../\"\n}\n```\n\n**Security-Enabled Groups**\n\n```hcl\nterraform {\n  required_providers {\n    azuread = {\n      source  = \"hashicorp/azuread\"\n      version = \"~\u003e 2.10.0\"\n    }\n  }\n}\n\nprovider \"vault\" {\n  address = \"http://localhost:8200\"\n  token   = var.vault_token\n}\n\nprovider \"azuread\" {}\n\nvariable \"vault_token\" {}\n\nmodule \"groups\" {\n  source = \"../\"\n  \n  security_enabled = true\n}\n```\n\n**Mail-Enabled Groups**\n\n```hcl\nterraform {\n  required_providers {\n    azuread = {\n      source  = \"hashicorp/azuread\"\n      version = \"~\u003e 2.10.0\"\n    }\n  }\n}\n\nprovider \"vault\" {\n  address = \"http://localhost:8200\"\n  token   = var.vault_token\n}\n\nprovider \"azuread\" {}\n\nvariable \"vault_token\" {}\n\nmodule \"groups\" {\n  source = \"../\"\n\n  mail_enabled = true\n}\n```\n\n## License\n\nLicensed under the Apache License, Version 2.0 (the \"License\").\n\nYou may obtain a copy of the License at [apache.org/licenses/LICENSE-2.0](http://www.apache.org/licenses/LICENSE-2.0).\n\nUnless required by applicable law or agreed to in writing, software distributed under the License is distributed on an _\"AS IS\"_ basis, without WARRANTIES or conditions of any kind, either express or implied.\n\nSee the License for the specific language governing permissions and limitations under the License.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdevops-rob%2Fterraform-vault-azuread-groups","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdevops-rob%2Fterraform-vault-azuread-groups","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdevops-rob%2Fterraform-vault-azuread-groups/lists"}