» vault_approle_auth_backend_login
Logs into Vault using the AppRole auth backend. See the Vault documentation for more information.
» Example Usage
resource "vault_auth_backend" "approle" {
type = "approle"
}
resource "vault_approle_auth_backend_role" "example" {
backend = "${vault_auth_backend.approle.path}"
role_name = "test-role"
policies = ["default", "dev", "prod"]
}
resource "vault_approle_auth_backend_role_secret_id" "id" {
backend = "${vault_auth_backend.approle.path}"
role_name = "${vault_approle_auth_backend_role.example.role_name}"
}
resource "vault_approle_auth_backend_login" "login" {
backend = "${vault_auth_backend.approle.path}"
role_id = "${vault_approle_auth_backend_role.example.role_id}"
secret_id = "${vault_approle_auth_backend_role_secret_id.id.secret_id}"
}
» Argument Reference
The following arguments are supported:
-
role_id
- (Required) The ID of the role to log in with. -
secret_id
- (Optional) The secret ID of the role to log in with. Required unlessbind_secret_id
is set to false on the role. -
backend
- The unique path of the Vault backend to log in with.
» Attributes Reference
In addition to the fields above, the following attributes are exported:
-
policies
- A list of policies applied to the token. -
renewable
- Whether the token is renewable or not. -
lease_duration
- How long the token is valid for, in seconds. -
lease_started
- The date and time the lease started, in RFC 3339 format. -
accessor
- The accessor for the token. -
client_token
- The Vault token created. -
metadata
- The metadata associated with the token.