Caravan Vault Authentication
Requirements
No requirements.
Modules
No modules.
Resources
Name |
Type |
---|---|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| | (optional) When using APPROLE auth provider, the role name | | | no |
| | (optional) When using APPROLE auth provider, the token policies associated with the role | | | no |
| | Allowed auth providers: aws, gcp, gsuite, oci, approle | | | no |
| | (optional) The list of AWS IAM Role ARNs that can authenticate as cluster nodes | | | no |
| | (optional) The AWS Region whose instances can authenticate | | | no |
| | (optional) The AWS VPC ID whose instances can authenticate | | | no |
| | (optional) The list of AWS IAM Role ARNs that can authenticate as worker nodes | | | no |
| | (Optional) The client id for credentials to query the Azure APIs. Currently read permissions to query compute resources are required. | | | no |
| | (Optional) The client secret for credentials to query the Azure APIs. | | | no |
| | (optional) Defines a constraint on the service principals that can perform the login operation: they should possess the ids specified by this field. | | | no |
| | (optional) The configured URL for the application registered in Azure Active Directory. | | | no |
| | (optional) Defines a constraint on the virtual machines that can perform the login operation: they should be associated with the resource group that matches the value specified by this field. | | | no |
| | (optional) Defines a constraint on the subscriptions that can perform the login operation, limiting them to ones which match the value specified by this field. | | | no |
| | (optional) The tenant id for the Azure Active Directory organization. | | | no |
| | (optional) Defines a constraint on the service principals that can perform the login operation: they should possess the ids specified by this field. | | | no |
| | The control plane role name | | | no |
| | The policies associated with control plane roles | | [ | no |
| | (optional) When using GCP auth provider, the list of control plane service accounts | | | no |
| | (optional) When using GCP auth provider, the Project ID | | | no |
| | (optional) When using GCP auth provider, the list of worker plane service accounts | | | no |
| | (optional) When using GSUITE auth provider, the allowed redirect uris | | | no |
| | (optional) When using GSUITE auth provider, the client id | | | no |
| | (optional) When using GSUITE auth provider, the client secret | | | no |
| | (optional) When using GSUITE auth provider, the name of the default role | | | no |
| | (optional) When using GSUITE auth provider, the list of policies associated with the default role | | | no |
| | (optional) When using GSUITE auth provider, the domain name | | | no |
| | (optional) When using OCI auth provider, the dynamic group ocid | | | no |
| | (optional) When using OCI auth provider, the Tenant Id | | | no |
| | (optional) When using OCI auth provider, the role name to create | | | no |
| | Fully qualified vault address as used in VAULT_ADDR | | | no |
| | The worker plane role name | | | no |
| | The policies associated with worker plane roles | | [ | no |
Outputs
No outputs.