From 32513e72f2e6f3877d92cda77b1a484f617bdba7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thorben=20G=C3=BCnther?= Date: Fri, 2 Jul 2021 14:29:24 +0200 Subject: [PATCH] vault: ansible vault -> hashicorp vault --- terraform_vault/auth.tf | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/terraform_vault/auth.tf b/terraform_vault/auth.tf index ab13e35..22cac04 100644 --- a/terraform_vault/auth.tf +++ b/terraform_vault/auth.tf @@ -1,6 +1,5 @@ -data "external" "vault_oidc" { - program = ["${path.module}/../misc/read-vault.py", - "group_vars/all/vault_oidc.yml"] +data "vault_generic_secret" "vault" { + path = "ansible/vault" } resource "vault_jwt_auth_backend" "keycloak" { @@ -10,7 +9,7 @@ resource "vault_jwt_auth_backend" "keycloak" { default_role = "default" oidc_discovery_url = "https://keycloak.xenrox.net/auth/realms/xenrox" oidc_client_id = "openid_vault" - oidc_client_secret = data.external.vault_oidc.result.vault_oidc_vault_secret + oidc_client_secret = data.vault_generic_secret.vault.data["oidc_secret"] tune { listing_visibility = "unauth" -- 2.44.0