homelab-nomad/acls/nomad_vault.tf

resource "nomad_acl_token" "vault" {
  name = "vault"
  type = "management"
}

resource "vault_nomad_secret_backend" "config" {
    backend = "nomad"
    description = "Nomad ACL"
    token = nomad_acl_token.vault.secret_id
}

resource "vault_nomad_secret_role" "nomad-deploy" {
  backend = vault_nomad_secret_backend.config.backend
  role = "nomad-deploy"
  # policies = ["nomad-deploy"]
}

resource "vault_nomad_secret_role" "admin" {
  backend = vault_nomad_secret_backend.config.backend
  role = "admin-management"
  type = "management"
}

resource "vault_policy" "nomad-deploy" {
  name = "nomad-deploy"
  policy = <<EOH
path "nomad/creds/nomad-deploy" {
  capabilities = ["read"]
}
EOH
}
Add Nomad ACL bootstrap 2022-03-22 04:26:04 +00:00			`resource "nomad_acl_token" "vault" {`
			`name = "vault"`
			`type = "management"`
			`}`

			`resource "vault_nomad_secret_backend" "config" {`
			`backend = "nomad"`
			`description = "Nomad ACL"`
			`token = nomad_acl_token.vault.secret_id`
			`}`

			`resource "vault_nomad_secret_role" "nomad-deploy" {`
			`backend = vault_nomad_secret_backend.config.backend`
			`role = "nomad-deploy"`
			`# policies = ["nomad-deploy"]`
			`}`

			`resource "vault_nomad_secret_role" "admin" {`
			`backend = vault_nomad_secret_backend.config.backend`
			`role = "admin-management"`
			`type = "management"`
			`}`

			`resource "vault_policy" "nomad-deploy" {`
			`name = "nomad-deploy"`
			`policy = <<EOH`
			`path "nomad/creds/nomad-deploy" {`
			`capabilities = ["read"]`
			`}`
			`EOH`
			`}`