@@ 1,6 1,5 @@
-data "external" "vault_oidc" {
- program = ["${path.module}/../misc/read-vault.py",
- "group_vars/all/vault_oidc.yml"]
+data "vault_generic_secret" "vault" {
+ path = "ansible/vault"
}
resource "vault_jwt_auth_backend" "keycloak" {
@@ 10,7 9,7 @@ resource "vault_jwt_auth_backend" "keycloak" {
default_role = "default"
oidc_discovery_url = "https://keycloak.xenrox.net/auth/realms/xenrox"
oidc_client_id = "openid_vault"
- oidc_client_secret = data.external.vault_oidc.result.vault_oidc_vault_secret
+ oidc_client_secret = data.vault_generic_secret.vault.data["oidc_secret"]
tune {
listing_visibility = "unauth"