https://github.com/devops-rob/terraform-vault-approle

The Vault AppRole Terraform module configures HashiCorp Vault AppRoles and associated policies for machines or applications to authenticate against Vault.
https://github.com/devops-rob/terraform-vault-approle

Last synced: 10 months ago
JSON representation

The Vault AppRole Terraform module configures HashiCorp Vault AppRoles and associated policies for machines or applications to authenticate against Vault.

• Host: GitHub
• URL: https://github.com/devops-rob/terraform-vault-approle
• Owner: devops-rob
• License: apache-2.0
• Created: 2021-01-20T11:57:26.000Z (about 5 years ago)
• Default Branch: main
• Last Pushed: 2021-01-22T11:40:34.000Z (about 5 years ago)
• Last Synced: 2025-02-08T02:35:29.564Z (12 months ago)
• Language: HCL
• Homepage:
• Size: 12.7 KB
• Stars: 0
• Watchers: 2
• Forks: 2
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# Vault AppRole Terraform module

The Vault AppRole Terraform module configures HashiCorp Vault AppRoles and associated policies for machines or applications to authenticate against Vault. For more information on AppRole, refer to the [documentation.](https://www.vaultproject.io/docs/auth/approle)

## Prerequisites

This module requires the AppRole auth method to be enabled and configured at a path of your choice.

## Usage

This module supports the creation of Vault policies written in HCL and JSON.  These policies can be stored in any location on the machine running the `terraform apply`.  By default, the module will look in the current working directory for any policy files. This can be changed by setting the `policies_path` variable to the absolute path of your Vault policy files. The module will write these policies into Vault.

The module also provides the option of adding pre-existing Vault policies, in addition to, or instead of Vault policies defined by this module. To achieve the latter, simply do not create any Vault policy files in the current working directory and do not set the `policies_path` variable.

The below code snippet is an example of how to use the module:

```hcl

provider "vault" {

  address = "http://127.0.0.1:8200"

  token = var.vault_token

}

variable "vault_token" {

  description = "Set this value with the TF_VAR_vault_token environment variable"

}

resource "vault_auth_backend" "approle" {

  type        = "approle"

  path        = "approle"

}

module "example" {

  source = "devops-rob/approle/vault"

  approle_name = "example"

  depends_on = [

    vault_auth_backend.approle

  ]

}

```

## License

Licensed under the Apache License, Version 2.0 (the "License").

You may obtain a copy of the License at [apache.org/licenses/LICENSE-2.0](http://www.apache.org/licenses/LICENSE-2.0).

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an _"AS IS"_ basis, without WARRANTIES or conditions of any kind, either express or implied.

See the License for the specific language governing permissions and limitations under the License.