vault_kv_realm#
Purpose
This module is provided as guiding sample for implementing your own delegation. It creates 2 policies with associated tokens tied to a kv-v2 mount point:
an
administratorone, with read-write access to all subpaths beginning with therealm_namevariablea
userone, with read-only access to the same perimeter.
Authentication#
Provide your cluster address and token as environment variables.
export VAULT_ADDR="..."
export VAULT_TOKEN="..."
Providers#
Name |
Version |
|---|---|
vault |
3.21.0 |
Inputs#
Name |
Description |
Type |
Default |
Required |
|---|---|---|---|---|
kv_v2_mount_point |
n/a |
|
n/a |
yes |
realm_name |
n/a |
|
n/a |
yes |
admin_token_renew_increment |
n/a |
|
|
no |
admin_token_renew_min_lease |
n/a |
|
|
no |
admin_token_renewable |
n/a |
|
|
no |
admin_token_ttl |
n/a |
|
|
no |
user_token_renew_increment |
n/a |
|
|
no |
user_token_renew_min_lease |
n/a |
|
|
no |
user_token_renewable |
n/a |
|
|
no |
user_token_ttl |
n/a |
|
|
no |
Outputs#
Name |
Description |
|---|---|
realm_admin_token |
kv-realm administrator token (rw) |
realm_user_token |
kv-realm user token (ro) |