Caravan Platform¶
Bring the platform online
Caveats¶
Assumption:
All infra state should output:
control_plane_role_name: the vault role name that should be associated with control plane nodes
worker_plane_role_name: the vault role name that should be associated with worker plane nodes
GCP infra state should output:
control_plane_service_accounts: the list of service accounts associated with control plane nodes
worker_plane_service_accounts: the list of service accounts associated with worker plane nodes
project_id: the project id where the infra is running
AWS infra state should output:
control_plane_iam_role_arns: the IAM role arns of control plane nodes
worker_plane_iam_role_arns: the IAM role arns of worker plane nodes
region: the AWS region where the infra is running
vpc_id: the name of the vpc where the infra is running
OCI infra state should output:
home_tenancy_id
role_name
dynamic_group_ocid
AZURE infra state should output:
tenant_id: Azure AD tenant id
subscription_id: Azure subscription id
resource_group_name: resource group of the instances
vault_resource_name: AD resource used for generating tokens, e.g. https://management.azure.com
control_plane_service_principal_ids: list of service principal ids for control plane instances
worker_plane_service_principal_ids: list of service principal ids for worker plane instances
vault_client_id: the AD application id for Vault Azure dynamic secret
vault_client_secret: the AD application secret for Vault Azure dynamic secret
Modules¶
Name |
Source |
Version |
---|---|---|
git::https://github.com/bitrockteam/caravan-vault//modules/vault-authentication |
refs/tags/v0.3.23 |
|
git::https://github.com/bitrockteam/caravan-vault//modules/vault-consul-config |
refs/tags/v0.3.23 |
|
git::https://github.com/bitrockteam/caravan-nomad//modules/nomad-policies |
refs/tags/v0.1.5 |
|
git::https://github.com/bitrockteam/caravan-vault//modules/secrets |
refs/tags/v0.3.25 |
|
git::https://github.com/bitrockteam/caravan-vault//modules/default-policies |
refs/tags/v0.3.23 |
Resources¶
Name |
Type |
---|---|
resource |
|
data source |
|
data source |
Inputs¶
Name |
Description |
Type |
Default |
Required |
---|---|---|---|---|
n/a |
|
|
no |
|
APPROLE auth |
|
|
no |
|
Enable auth providers: aws, gcp, gsuite, oci, approle |
|
|
no |
|
AWS auth provider |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
Azure |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
Use an external state backend for inferencing configuration variables |
|
|
no |
|
n/a |
|
|
no |
|
Common state config |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
Extra |
|
|
no |
|
Enables and setup Nomad cluster |
|
|
no |
|
n/a |
|
|
no |
|
GCP auth provider |
|
|
no |
|
GCP state config |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
Credentials |
|
|
no |
|
n/a |
|
|
no |
|
GSUITE auth provider |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
OCI auth provider |
|
|
no |
|
n/a |
|
|
no |
|
S3 state config |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
|
Common args |
|
|
no |
|
n/a |
|
|
no |
|
n/a |
|
|
no |
Outputs¶
No outputs.