vault_pki_bootstrap

Goal

Renders and applies a Terraform module that:

  • sets up a PKI engine

  • sets up a least-privilege policy, a role and an initial token


Disclaimer

This playbook and Terraform module are provided as-is for you to test and hack around your own PKI management strategy.

Usage

> ansible-playbook wescale.hashistack.vault_pki_bootstrap  \
>        -e hs_vault_pki_name=...                          \
>        -e hs_vault_pki_domain=...

Parameters

  • Name given to the PKI engine you want to create.

hs_vault_pki_name: ~

  • Root domain that the PKI engine will be allowed to issue certificates for.

hs_vault_pki_domain: ~
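
To make the Goal concrete, here is an added Terraform sketch (not the collection's own module) of a PKI mount whose role is confined to the root domain and whose token can only call that role's issue endpoint. The variable names mirror the two parameters above; the resource labels, the role name `issuer`, the TTLs and the use of a Vault-generated internal root are assumptions.

```hcl
# Added illustration, not the wescale.hashistack module.
# Assumed: resource labels, role name "issuer", all TTL values.
variable "pki_name" { type = string }   # maps to hs_vault_pki_name
variable "pki_domain" { type = string } # maps to hs_vault_pki_domain

resource "vault_mount" "pki" {
  path                  = var.pki_name
  type                  = "pki"
  max_lease_ttl_seconds = 31536000 # upper bound for anything issued from this mount
}

resource "vault_pki_secret_backend_root_cert" "root" {
  backend     = vault_mount.pki.path
  type        = "internal" # the CA private key is generated in Vault and never exported
  common_name = var.pki_domain
  ttl         = "8760h"
}

resource "vault_pki_secret_backend_role" "issuer" {
  backend            = vault_mount.pki.path
  name               = "issuer"
  allowed_domains    = [var.pki_domain] # only the root domain given to the playbook
  allow_subdomains   = true
  allow_bare_domains = false
  allow_any_name     = false   # never let the requester pick arbitrary names
  max_ttl            = 2592000 # 30 days, in seconds
}

resource "vault_policy" "issue_only" {
  name   = "${var.pki_name}-issue"
  policy = <<-EOT
    # Least privilege: request leaf certificates through one role.
    # No access to the root, the role configuration or other mounts.
    path "${vault_mount.pki.path}/issue/${vault_pki_secret_backend_role.issuer.name}" {
      capabilities = ["create", "update"]
    }
  EOT
}

resource "vault_token" "issuer" {
  policies          = [vault_policy.issue_only.name]
  no_default_policy = true
  no_parent         = true # survives revocation of the bootstrap token
  renewable         = true
  ttl               = "24h"
}
```

A token created this way ends up in the Terraform state, so the state backend needs the same protection as the token itself.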