Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/crazy-canux/terraform-aws-bank-vaults
terraform deploy vault-secret-webhook on eks.
https://github.com/crazy-canux/terraform-aws-bank-vaults
aws bank-vaults kubernetes secrets terraform vault
Last synced: 2 days ago
JSON representation
terraform deploy vault-secret-webhook on eks.
- Host: GitHub
- URL: https://github.com/crazy-canux/terraform-aws-bank-vaults
- Owner: crazy-canux
- Created: 2022-07-18T03:36:48.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2023-08-08T03:37:15.000Z (over 1 year ago)
- Last Synced: 2024-04-16T04:22:52.058Z (7 months ago)
- Topics: aws, bank-vaults, kubernetes, secrets, terraform, vault
- Language: HCL
- Homepage:
- Size: 2.93 KB
- Stars: 1
- Watchers: 3
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# terraform bank vaults
provision vault-secrets-webhook to EKS.
## HowTo
module "secrets_webhook" {
source = "crazy-canux/vaults/bank"
version = "0.1.0"
cluster_name = local.cluster_name
project = local.vault_project
helm_chart_version = local.helm_chart_version
vault_policies = [
{
name = "${local.vault_project}/${local.vault_role_name}"
hcl = <<-EOT
path "${local.vault_project}/*" {
capabilities = ["read", "list"]
}
EOT
}
]
extra_sa_mappings = [
{
name = local.vault_role_name
namespaces = [local.namespace]
service_accounts = [local.service_account]
policies = ["${local.vault_project}/${local.vault_role_name}"]
ttl = 7200
}
]
}