terraform 获取文件的权限导入vault中

 main.tf

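# Registers a Vault ACL policy whose rules are read from client-policy.hcl.
# The policy name comes from var.policy-name, so it can be overridden with
# -var at apply time.
resource "vault_policy" "admin_policy" {
  name = var.policy-name

  # path.module anchors the lookup to the directory that holds this file, so
  # the policy file is found whatever working directory terraform runs from.
  policy = file("${path.module}/client-policy.hcl")
}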

  provide.tf

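# Connection settings for the Vault provider. Address and token are injected
# through variables instead of being written into this file.
provider "vault" {
  address = var.vault-url
  token   = var.VAULT_TOKEN

  # Keep certificate verification on. With it disabled, an https:// address
  # accepts any certificate, so the token could be sent to an impostor server.
  # For a private CA, set ca_cert_file (or the VAULT_CACERT environment
  # variable) rather than turning verification off.
  skip_tls_verify = false
}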

  variable.tf

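# Login settings
# The token deliberately has no default: a default value commits a live
# credential to the repository. Supply it at run time, for example through the
# TF_VAR_VAULT_TOKEN environment variable. Any token that was ever committed
# as a default should be revoked in Vault.
variable "VAULT_TOKEN" {
  type      = string
  sensitive = true # redacts the value in plan/apply output (Terraform 0.14+)
}

# Plain HTTP is only reasonable for a local server on loopback; use an
# https:// address for any Vault that is reached over a network.
variable "vault-url" {
  default = "http://127.0.0.1:8200"
}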


# Policy settings
# Name under which the policy is registered in Vault; override it on the
# command line with -var 'policy-name=...'.
variable "policy-name" {
  default = "admins"
}

 client-policy.hcl  权限文件 

  

# Exact path "sys/": grants create, update, delete and sudo.
# read and list are not part of the capability set.
# NOTE(review): sudo on the system backend is close to root-level access;
# consider granting it only on the specific sys/ paths this role needs.
path "sys/" {
  capabilities = ["create", "update", "delete", "sudo"]
}
# Every path under the sys/ prefix (the trailing * is a glob): grants create,
# update, delete and sudo, again without read or list.
# NOTE(review): this covers the whole system backend, including policy, auth
# and mount management; narrow the glob if the role does not need all of it.
path "sys/*" {
  capabilities = ["create", "update", "delete", "sudo"]
}
 执行      terraform init  

          terraform plan 

          terraform apply

          terraform apply  -var 'policy-name=ks-ss' -auto-approve

 
