homelab/terraform/vault/ldap.tf

21 lines
701 B
Terraform
Raw Normal View History

2022-08-10 17:30:38 +00:00
resource "vault_ldap_auth_backend" "ldap" {
path = "ldap"
2024-01-21 15:51:20 +00:00
url = "ldaps://ldaps.service.consul"
2024-03-10 08:50:47 +00:00
userdn = "ou=users,dc=ducamps,dc=eu"
2022-08-10 17:30:38 +00:00
userattr = "uid"
discoverdn = false
2024-01-21 15:51:20 +00:00
insecure_tls = true
groupdn = "ou=groups,dc=ducamps,dc=eu"
2022-08-10 17:30:38 +00:00
groupfilter = "(|(memberUid={{.Username}})(member={{.UserDN}})(uniqueMember={{.UserDN}}))"
2024-03-10 08:50:47 +00:00
binddn = "uid=vaultserviceaccount,ou=serviceAccount,ou=users,dc=ducamps,dc=eu"
2022-08-10 17:30:38 +00:00
groupattr = "cn"
bindpass = var.ldap_bindpass
}
resource "vault_ldap_auth_backend_group" "vault_admin" {
groupname = "vault_admin"
policies = ["admin_policy"]
backend = vault_ldap_auth_backend.ldap.path
}