» vault_jwt_auth_backend

Provides a resource for managing a JWT auth backend within Vault.

» Example Usage

resource "vault_jwt_auth_backend" "example" {
  description        = "Demonstration of the Terraform JWT auth backend"
  path               = "jwt"
  oidc_discovery_url = "https://myco.auth0.com/"
  bound_issuer       = "https://myco.auth0.com/"
}

» Argument Reference

The following arguments are supported:

  • path - (Required) Path to mount the JWT auth backend

  • description - (Optional) The description of the auth backend

  • oidc_discovery_url - (Optional) The OIDC Discovery URL, without any .well-known component (base path). Cannot be used in combination with jwt_validation_pubkeys

  • bound_issuer - (Optional) The value against which to match the iss claim in a JWT

  • oidc_discovery_ca_pem - (Optional) The CA certificate or chain of certificates, in PEM format, to use to validate connections to the OIDC Discovery URL. If not set, system certificates are used

  • jwt_validation_pubkeys - (Optional) A list of PEM-encoded public keys to use to authenticate signatures locally. Cannot be used in combination with oidc_discovery_url

  • jwt_supported_algs - (Optional) A list of supported signing algorithms. Vault 1.1.0 defaults to [RS256] but future or past versions of Vault may differ
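
The two mutually exclusive validation modes side by side, as an added example that is not part of the provider documentation. It assumes Terraform 0.12 or later expression syntax; the issuer URLs, mount paths and PEM file names are constructed placeholders.

```hcl
# Variant 1: keys fetched through OIDC discovery.
# oidc_discovery_ca_pem pins the CA used to validate the TLS connection to the
# discovery URL instead of relying on the system certificate store.
resource "vault_jwt_auth_backend" "discovery" {
  description           = "JWT auth via OIDC discovery (private CA)"
  path                  = "jwt-discovery"
  oidc_discovery_url    = "https://idp.example.internal/" # base path, no .well-known
  oidc_discovery_ca_pem = file("${path.module}/certs/idp-ca.pem")

  # Tokens whose iss claim does not match this value are rejected.
  bound_issuer = "https://idp.example.internal/"

  # Set explicitly so the accepted algorithms do not depend on the
  # default of whichever Vault version is running.
  jwt_supported_algs = ["RS256"]
}

# Variant 2: signatures verified locally against static public keys.
# oidc_discovery_url must be left unset here; the two arguments cannot be combined.
resource "vault_jwt_auth_backend" "static_keys" {
  description            = "JWT auth with locally configured public keys"
  path                   = "jwt-static"
  jwt_validation_pubkeys = [file("${path.module}/keys/issuer-signing.pub.pem")]
  bound_issuer           = "https://issuer.example.internal/"
  jwt_supported_algs     = ["RS256"]
}
```

With static keys, a key rotation at the issuer requires updating jwt_validation_pubkeys and re-applying, so list both the old and new key during the rotation window.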

» Attributes Reference

No additional attributes are exposed by this resource.