From 0fbc1c716b3694aa040c880a29eda9587cc5ba47 Mon Sep 17 00:00:00 2001 From: Ian Fijolek Date: Mon, 25 Jul 2022 22:11:08 -0700 Subject: [PATCH] WIP: Begin config to bootstrap ACLs Following guide here: https://learn.hashicorp.com/tutorials/consul/vault-consul-secrets?in=consul/vault-secure Unsure of how this will actually authenticate though. --- acls/consul_vault.tf | 23 ++++++++++++++++++++++ acls/vars.tf | 8 ++++++-- setup-cluster.yml | 46 +++++++++++++++++++------------------------- 3 files changed, 49 insertions(+), 28 deletions(-) create mode 100644 acls/consul_vault.tf diff --git a/acls/consul_vault.tf b/acls/consul_vault.tf new file mode 100644 index 0000000..79e8101 --- /dev/null +++ b/acls/consul_vault.tf @@ -0,0 +1,23 @@ +resource "vault_consul_secret_backend" "config" { + path = "consul" + description = "Manages the Consul backend" + + address = "http://127.0.0.1:8500" + token = var.consul_token +} + +resource "consul_acl_policy" "server_policy" { + name = "consul-servers" + rules = <