M terraform_keycloak/keycloak.tf => terraform_keycloak/keycloak.tf +3 -3
@@ 14,9 14,9 @@ data "external" "vault_email" {
"group_vars/all/vault_email.yml"]
}
-data "external" "vault_vault" {
+data "external" "vault_oidc" {
program = ["${path.module}/../misc/read-vault.py",
- "group_vars/all/vault_vault.yml"]
+ "group_vars/all/vault_oidc.yml"]
}
provider "keycloak" {
@@ 94,7 94,7 @@ resource "keycloak_group_roles" "admin" {
resource "keycloak_openid_client" "vault_openid_client" {
realm_id = "xenrox"
client_id = "openid_vault"
- client_secret = data.external.vault_vault.result.vault_vault_openid_secret
+ client_secret = data.external.vault_oidc.result.vault_oidc_vault_secret
name = "Vault"
enabled = true
M terraform_vault/auth.tf => terraform_vault/auth.tf +3 -3
@@ 1,6 1,6 @@
-data "external" "vault_vault" {
+data "external" "vault_oidc" {
program = ["${path.module}/../misc/read-vault.py",
- "group_vars/all/vault_vault.yml"]
+ "group_vars/all/vault_oidc.yml"]
}
resource "vault_jwt_auth_backend" "keycloak" {
@@ 10,7 10,7 @@ resource "vault_jwt_auth_backend" "keycloak" {
default_role = "default"
oidc_discovery_url = "https://keycloak.xenrox.net/auth/realms/xenrox"
oidc_client_id = "openid_vault"
- oidc_client_secret = data.external.vault_vault.result.vault_vault_openid_secret
+ oidc_client_secret = data.external.vault_oidc.result.vault_oidc_vault_secret
tune {
listing_visibility = "unauth"